59c8f297a48800fb6882c291ed30e3c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59c8f297a48800fb6882c291ed30e3c1
Size

172KB
MD5

59c8f297a48800fb6882c291ed30e3c1
SHA1

59490a1967ed2ca32c89bef43716109f64a2e575
SHA256

b76cbf0cc2283408c327811d3546b52c9acc3f586374b2011dda3e2fc6a586fd
SHA512

938698921adb9582a3fbcd591fa014e2c93d7fe81d9aef93f479ce77b7535b5503ee86464a3ad2174220dad01f26a989f9095c5d787783257f7b489f2f2be95d
SSDEEP

3072:qOFukULSCFSlZsKO0aPYHT5rbi7n+KKrj561gxRc2+hyBJqVweADmQNU4:qcusVZsDYz5rwLEMfBhyBJqV6TNU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59c8f297a48800fb6882c291ed30e3c1

Files

59c8f297a48800fb6882c291ed30e3c1
.exe windows:4 windows x86 arch:x86

91f126642d84ac90a5593817dc76641f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcat
CmdBatNotification
DosPathToSessionPathA
RegisterConsoleIME
Heap32Next
AddConsoleAliasA
GetCurrentThread
EnumSystemLocalesW
InterlockedExchange
CreateToolhelp32Snapshot
GetLongPathNameW
FindNextVolumeA
HeapFree
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.code
Size: 4KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ