51b4cfeb12d587a46b132a980f2a0a97 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51b4cfeb12d587a46b132a980f2a0a97
Size

31KB
MD5

51b4cfeb12d587a46b132a980f2a0a97
SHA1

7891622ba98a807610a123bf34173d4fde1ea8d7
SHA256

e06bbac2d71cd32603877dce2efd8dee1711d1fed9e4f35d19a4e2a8d36e3bb2
SHA512

4bfcd7d5ffdb1360a43caee37ffcb194e6d7d6c1767699e399ab18df17c7354f4dd45380d59b863a16c327a5acb88ee3e91a50076eaf9125a3e972dfda927c7e
SSDEEP

768:2A4MmEREYMh0dA5ohnMh8B5V/d0XqohPrQWCGpz1:2NxEREYBGohMhw3kXTvx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51b4cfeb12d587a46b132a980f2a0a97

Files

51b4cfeb12d587a46b132a980f2a0a97
.exe windows:4 windows x86 arch:x86

b48b2bdd16b8824dd3e7fde330bb72c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ulib

?Replace@WSTRING@@QAEEKKPBV1@KK@Z
?Construct@BDSTRING@@AAEXXZ
?Fatal@PROGRAM@@UBEXXZ
??1FSTRING@@UAE@XZ
??0MEM_ALLOCATOR@@QAE@XZ
?AppendDelimiter@PATH@@QAEEXZ
??0OBJECT@@IAE@XZ
?Resize@FSTRING@@UAEEK@Z
?IsKeyPressed@MESSAGE@@UAEEKK@Z
??0STREAM_MESSAGE@@QAE@XZ
?Initialize@LONG_ARGUMENT@@QAEEPAD@Z

kernel32

SetTapePosition
HeapSummary
ReadFile
TlsGetValue
GetProfileIntW

gdi32

CreateSolidBrush
Ellipse
SetROP2

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 774B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE