c59c709e1a3487845e92362eb9c57526 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c59c709e1a3487845e92362eb9c57526
Size

11KB
MD5

c59c709e1a3487845e92362eb9c57526
SHA1

69eacce052d163961ec27afbfdf1fc5ae2f0b849
SHA256

d28081e69d87946af8ec298e81ba6d1d2629a5379d5433d9c77ce806a510c21a
SHA512

ace579d58de8eb005ccb35c4c45c4a80eed83a271ddee2e55e228471b69f85251842c4ecb60fcfb28fc36aeff78cd7c08b4ccccc5f46ea72acd44f752a441f18
SSDEEP

192:q6TROqcA+BHOCgkETxMIWybHo3dQPBEFd/vylwJloUthqN5OQ4tZTqqGMLSG7Wd8:1F+QCg5xZWWHo3dQpEF5vWyoiYNV4tUQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c59c709e1a3487845e92362eb9c57526

Files

c59c709e1a3487845e92362eb9c57526
.exe windows:4 windows x86 arch:x86

ea811317c51ddff9b1919e57b366b6a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
CreateProcessA
GetStartupInfoA
GetCurrentProcessId
GetProcAddress
GetThreadPriority
GetACP
GetCurrentThread
GetCurrentThreadId
CancelIo
lstrcatA
FreeLibrary
LoadLibraryA
MoveFileExA
WriteFile
GetCurrentProcess
lstrlenA
GetTempFileNameA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetShortPathNameA
GetLastError
CreateMutexA
FindFirstFileA
CloseHandle
HeapAlloc
GetProcessHeap
HeapFree
CreateFileA
ExitProcess

user32

SetActiveWindow
wsprintfA
GetTopWindow
GetCapture
GetActiveWindow

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
GetBkColor
CancelDC
GetBrushOrgEx
GetBkMode

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ