b59bf48276d6e24cb5035b3668c4e8b6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b59bf48276d6e24cb5035b3668c4e8b6
Size

50KB
MD5

b59bf48276d6e24cb5035b3668c4e8b6
SHA1

e5860ac44c1242a82bf6a91049ed4bc18e2a0a58
SHA256

e233519432024d8e5c015210737b7451247b985efbb45c3cd4d708aee0468e2c
SHA512

6e769e69516c4d5b6bc78f4368f3d617873f824e4752c548db3d5bd781e140174e555fe7518135fa77e4a7cbae0940431bfef7780379a4a7a4e15842f7d5565d
SSDEEP

768:FWPywNYnxHbafgY2x25DVc/Ei1xRG964n18zB8co0nIdncuPAYcR7RXani0b:F1wm243yuhnzB8com2ncDKi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b59bf48276d6e24cb5035b3668c4e8b6

Files

b59bf48276d6e24cb5035b3668c4e8b6
.exe windows:5 windows x86 arch:x86

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 49KB - Virtual size: 716KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE