590f3f85f8f788778f0c326843c737b8c53afe4d2f5f1f5edba0863d1e42ccbb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

590f3f85f8f788778f0c326843c737b8c53afe4d2f5f1f5edba0863d1e42ccbb
Size

5.8MB
MD5

5fcfed63fea2988beb93fb815f840629
SHA1

d2719a988272bb0cc88af0d425852d5900d60d56
SHA256

590f3f85f8f788778f0c326843c737b8c53afe4d2f5f1f5edba0863d1e42ccbb
SHA512

6f7799ae20c5721248253f2c2d0521807c463f3e5243ba1f7e92f25c8b39dd71d464500c55793e75f369199c2c2923868d1d5f7e0c39c28acc0ad67e8312a6fc
SSDEEP

98304:GilejwK5spxuf7qrMAfFe1xl1Zu4v5tXZg9jUCmkKGGk12kYiqHed3HJstw8VhI1:GiMMbpxyqIAf01xRu4v7G9QTkKbkXYit

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
590f3f85f8f788778f0c326843c737b8c53afe4d2f5f1f5edba0863d1e42ccbb

Files

590f3f85f8f788778f0c326843c737b8c53afe4d2f5f1f5edba0863d1e42ccbb
.dll windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

post

Sections

Size: 4.3MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vcyspeid
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kgebfnbz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE