50a59261742bd7029242aae4cbd7bb98 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

50a59261742bd7029242aae4cbd7bb98
Size

328KB
MD5

50a59261742bd7029242aae4cbd7bb98
SHA1

c162384689be3d1a748fbeb250ba392dd3460824
SHA256

cb5e9076ad2f33b41a6916841fd003bfe58d637e104d39b130605c593a1a115a
SHA512

93ab3fe4843baaf1bcd3eaefa4c47c41ad0f04e1cea6b64715de90633a35305752760b9605b8f511f783a2500ff3cfe33f07f0b253ca2a6212ea8932113422e0
SSDEEP

6144:Cjj+cbDOqpL33JaB9LjY9OFEB3B1V8CKy7Z/wtxDdK:Cjj+sJwBWsF2Ka/wtxE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50a59261742bd7029242aae4cbd7bb98

Files

50a59261742bd7029242aae4cbd7bb98
.exe windows:4 windows x86 arch:x86

f7e83f2250f6f79fd696b422d2cd2c38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateThread
GetCurrentProcess
GetCurrentThreadId
GetProcessHeap
GetTimeFormatA
GlobalAlloc
GlobalLock
LoadLibraryA
LocalFree
MapViewOfFile
OpenEventA
ReleaseMutex
SetErrorMode
SetEvent
SetFilePointer
Sleep
TerminateProcess
WaitForSingleObject
WriteConsoleA
lstrlenA

user32

CopyRect
CreatePopupMenu
DeleteMenu
GetMenuDefaultItem
GetMenuItemInfoW
IsWindowEnabled
PostMessageW
SendMessageTimeoutW

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 834B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 313KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ