51e987c1ca45ef5b448c81557739f4c5 | Triage

Sharing

General

Target

51e987c1ca45ef5b448c81557739f4c5
Size

17KB
MD5

51e987c1ca45ef5b448c81557739f4c5
SHA1

5e8c69bb644440de31e27abda3a0f8cd294d5039
SHA256

12ecefabe5efad4660e7a97e198873526bdd8896c3308addf84cc1be84ad53ba
SHA512

d10e043346d9ccc3692a2a10ac19c03162a49bde2c7b84238e3e51a340e6cc48929145ff32ffaed758100d19a5e310a0a26a27158e5e659855ef0e945a129181
SSDEEP

192:bluS/DBGSXV3oJTQ+5uatfC+5QP4oyxapkohZxpkohfY+E:blv03uaBC+04TwLg+E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51e987c1ca45ef5b448c81557739f4c5

Files

51e987c1ca45ef5b448c81557739f4c5
.exe windows:4 windows x86 arch:x86

210aa1e11c771de49b182a60a3983648

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
exit
__p__fmode
__set_app_type
_controlfp
_XcptFilter
_exit
_setjmp3
signal
malloc
free
longjmp
_except_handler3
printf
strncmp
__p__commode
wcscpy

kernel32

GetFileSize
CloseHandle
CreateFileMappingA
MapViewOfFile
GetModuleHandleA
VirtualProtect
VirtualAlloc
SetFilePointer
ExitProcess
UnmapViewOfFile
CreateFileA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 842B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE