59ff1d3a03cca53e4620bfc8f069503e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

59ff1d3a03cca53e4620bfc8f069503e
Size

15KB
MD5

59ff1d3a03cca53e4620bfc8f069503e
SHA1

46c25bf4d26569fe641afa53a0f4303465c85ecd
SHA256

9f01b9cf769eaa6ffaaa6e4598797297dd089d11ae382ad2bd5a8a7fa0ed99ac
SHA512

baf1e42dd8159fe1269272b0677877a54904adf10de1dd64eb5a3a19c9c62ced8b672c29e88aa64bdb76ca52af39977f778c3a5c606c68a75ff7fd618323fee0
SSDEEP

192:P3CyWkD+lZwffuMjrgyuPUfa9jCitbamfD2B73IvzSpvgugZ05tGC:ii+vwffuMjdfG3tumCB73M4vgs5tG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59ff1d3a03cca53e4620bfc8f069503e

Files

59ff1d3a03cca53e4620bfc8f069503e
.dll windows:4 windows x86 arch:x86

3e181068a906fb2ab63773f599496ca6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CallWindowProcW
RegisterClassExW
ReleaseDC
InvalidateRect
GetWindowContextHelpId
GetMenuItemID
GetDC
wsprintfA

kernel32

InitAtomTable
lstrlenA
lstrcatA
SystemTimeToFileTime
SleepEx
Sleep
RtlMoveMemory
BeginUpdateResourceA
CloseHandle
CreateThread
DeviceIoControl
ExitProcess
ExitThread
FlushViewOfFile
GetCommandLineA
GetProcessHeaps
GetSystemTime
GetTickCount
GlobalAlloc
GlobalFree
OpenMutexA
LoadLibraryA
LoadLibraryExA

gdi32

BitBlt
CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceCaps
GetFontResourceInfoW
SelectObject

Exports

Exports

g8dopa

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ