51f11972aa8d94af9bb53117eae8cc06af1e584c7f5aabb7fbbfd7eb17705859 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51f11972aa8d94af9bb53117eae8cc06af1e584c7f5aabb7fbbfd7eb17705859
Size

1.1MB
MD5

518b75f57a5dc1b09cade612fa57f944
SHA1

7f00a6af117af5c502b64882ef1542c73a7568c6
SHA256

51f11972aa8d94af9bb53117eae8cc06af1e584c7f5aabb7fbbfd7eb17705859
SHA512

cf74327d30ba539047d666f8c2e2eca2930027ccde311012a2351137dc1746e204f647f1204c68df0edfc81382c64af5404172aff67611c7af904d774823f6f3
SSDEEP

12288:VPMpKoD+9vCx2MoK7ApkSLhxOEtTGHreQrcZNYY2Ouaci+L6kSVyQ7Pv/VGwoD/I:Vn++VCxzt7adL20TacUlNaky9PMHG1eC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51f11972aa8d94af9bb53117eae8cc06af1e584c7f5aabb7fbbfd7eb17705859

Files

51f11972aa8d94af9bb53117eae8cc06af1e584c7f5aabb7fbbfd7eb17705859
.exe windows x86

31720b9aeb31684bf8403e085e7f660c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

msimg32

GradientFill

gdi32

UpdateColors

version

VerQueryValueA

mpr

WNetGetConnectionA

ole32

CreateStreamOnHGlobal

comctl32

_TrackMouseEvent

wininet

InternetCheckConnectionA

shell32

ShellExecuteA

comdlg32

GetSaveFileNameA

winmm

PlaySoundA

Sections

.text
Size: 1.1MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE