58550d13348ebb09fb99ba12dca64b1a20de993b4e2b1c636fca8ccbd96e541b[.]exe | Triage

Resubmissions

26-11-2024 01:36

241126-b1lxfaxkfs 10

25-11-2024 21:14

241125-z3fefatkhn 10

Sharing

General

Target

58550d13348ebb09fb99ba12dca64b1a20de993b4e2b1c636fca8ccbd96e541b.exe
Size

223KB
MD5

c5c9a03dab0feb598ebb7aabf515a6df
SHA1

5a20dde0c8de1a420c5632d609c581f1d999b401
SHA256

58550d13348ebb09fb99ba12dca64b1a20de993b4e2b1c636fca8ccbd96e541b
SHA512

b33b6844d31a1b8dd0c9123b28ee2fbe958d82a344589bad387f6b06a309959cf37644b726e6494f59ad07947484d1c091e25ec5498aca3f872298aa6015b8e3
SSDEEP

6144:IDVCQUW9fVnUWSpsMtlTsHpqLoJ61Fyzh/:E0W9fed+MLsHpqEJsmh/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
58550d13348ebb09fb99ba12dca64b1a20de993b4e2b1c636fca8ccbd96e541b.exe

Files

58550d13348ebb09fb99ba12dca64b1a20de993b4e2b1c636fca8ccbd96e541b.exe
.dll windows:6 windows x86 arch:x86

1f6199c52a5d3ffac2a25f6b3601dd22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

qsort
bsearch

kernel32

VirtualProtect
IsBadReadPtr
LoadLibraryW
SetLastError
HeapAlloc
HeapFree
GetProcessHeap
VirtualAlloc
VirtualFree
VirtualQuery
FreeLibrary
GetProcAddress
LoadLibraryExA
LoadLibraryA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 470B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ