59d5081a3b24e430201013f1ee75a853559126d688d984e3025acaed80312cdc | Triage

Sharing

General

Target

59d5081a3b24e430201013f1ee75a853559126d688d984e3025acaed80312cdc
Size

1.7MB
MD5

a10997a94a5f8b498035228d7527ace0
SHA1

e4c524d4cd8c9e2ea3a6c7e3adb2b7a1ec6d98f0
SHA256

59d5081a3b24e430201013f1ee75a853559126d688d984e3025acaed80312cdc
SHA512

1159446b139422ac84ba3d385b759b19561533c10cac1b5e04f8e5e77a520929ba9ee3ad0445b3cf9a52d274e421a066ebf3a3dc5ed4cd0bdc00f0f1357f8afa
SSDEEP

49152:5T3mle9yQoiW1GMffyR49Ro+5AJMngj8:d3wmW1GMfo06+5AyQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
59d5081a3b24e430201013f1ee75a853559126d688d984e3025acaed80312cdc

Files

59d5081a3b24e430201013f1ee75a853559126d688d984e3025acaed80312cdc
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 152KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

exmweqqx
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xpjjftio
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE