659c126b2e5b919ff0379f5a439354a0d304d0f61784ff60dc7e7f759c2a74a1N | Triage

Sharing

General

Target

659c126b2e5b919ff0379f5a439354a0d304d0f61784ff60dc7e7f759c2a74a1N
Size

137KB
MD5

9cda552d03be8518a09e414b7b915bd0
SHA1

5b70e583a2d4580650ac352022ce637a11f53f24
SHA256

659c126b2e5b919ff0379f5a439354a0d304d0f61784ff60dc7e7f759c2a74a1
SHA512

8732a48c0a5ba2cdc3a9c63120c9484229aba2659820b5a6a813153d051d132eff0b26352cb3fed7c35c6074ecfdccd8934c83e8a095405e62f3d26d3499349e
SSDEEP

3072:25SZadCWKFIj4yO2kMZicfZumhttHtZDw:OZxKC4fruYmhDDM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
659c126b2e5b919ff0379f5a439354a0d304d0f61784ff60dc7e7f759c2a74a1N

Files

659c126b2e5b919ff0379f5a439354a0d304d0f61784ff60dc7e7f759c2a74a1N
.exe windows:5 windows x86 arch:x86

57825749626089e834c3d4124df8fe32

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

TlsGetValue
GetLocaleInfoA
SetLastError
GetDriveTypeW
GetTickCount
IsValidCodePage
GetFileAttributesA
GetModuleHandleA
GetStringTypeA
IsBadWritePtr
VirtualProtect
HeapSize
CreateDirectoryW
GetFileAttributesA
GetCurrentProcess
FindClose
FindResourceA
LocalLock
RemoveDirectoryW
MapViewOfFile
GetExitCodeThread

user32

GetWindowTextW
SetFocus
GetCapture
IsDialogMessageA
wsprintfW
DispatchMessageA
PeekMessageW
GetWindowLongW
IsWindow
PostMessageW
LoadCursorA
SetCursor
LoadImageW

msaatext

DllUnregisterServer
DllCanUnloadNow
DllGetClassObject
DllUnregisterServer

rasapi32

DwRasUninitialize

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.import
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE