59d65b40d99242dc935249816980bf00 | Triage

Sharing

General

Target

59d65b40d99242dc935249816980bf00
Size

480KB
MD5

59d65b40d99242dc935249816980bf00
SHA1

12ad7fcf1a9abaafe1af7e17eb0bcbec4fde6d63
SHA256

2d8e507da798ba582c0a556f874bd6357a769104f18696f4f7a73ef7d404aabc
SHA512

127dc224e397ca3f368b49067a56cad73e6d0616dbdb9c2bcfc468f1dc82ea1ecf23fd6445e80f33c9d19109874cb913f4c31f004df6ec9469e8eec226880fd7
SSDEEP

12288:+4hbTlQe4tPgQeOwJaivK9HobH/BzEOjAikgX6Gzjcgq4:zhlQ3tP5Lobf3lkQzjy4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59d65b40d99242dc935249816980bf00

Files

59d65b40d99242dc935249816980bf00
.exe windows:4 windows x86 arch:x86

5c591963722cfacdf63dfb5c9a397df6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtSetBootOptions

oleaut32

VarI4FromCy

user32

GetMessagePos

kernel32

GetCommandLineW

Sections

.text
Size: 476KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 233B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE