51e94d6b1331e4dfdcfaeee434639084 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51e94d6b1331e4dfdcfaeee434639084
Size

498KB
MD5

51e94d6b1331e4dfdcfaeee434639084
SHA1

af3be70175bced0cc369dac122258fc7207780e6
SHA256

dd01e524e6c0213c01cb3073051350141a112a37e878e9170f608bde23379706
SHA512

75facf6c44cac9e49fb76213f74f9831a1c92d23518ad98cfa7aef054ca2961187133649a46b7c4ec6f32e6a8eae39d9859601666976d0288d4f0517daa89cd0
SSDEEP

6144:a+Ougpjf6XnZnUstWo5n54qobcscKZV+K+sLNo630PMsSj8dqZS0UPpzeeFpFUzV:aHpjf+WehoB5Zf+s51INqY04zePm/i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51e94d6b1331e4dfdcfaeee434639084

Files

51e94d6b1331e4dfdcfaeee434639084
.exe windows:5 windows x86 arch:x86

8b0bf59cba135b76f2cdb8997777747a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextLengthW
GetParent
GetMessageW
PeekMessageW
wsprintfA
RegisterClassA
MessageBoxA
SetFocus
GetWindowPlacement

kernel32

EnterCriticalSection
LoadLibraryA
GetCurrentThreadId
InitializeCriticalSection
InterlockedIncrement
GetModuleHandleW
GetDiskFreeSpaceA
GlobalAlloc
OpenEventA
GlobalFree
GetFileType
MoveFileExW
ExitProcess
SetLastError
DeleteCriticalSection
GetFullPathNameA
DebugBreak
LeaveCriticalSection
VirtualAlloc
lstrlenW
GetSystemTime
GetModuleHandleA
OpenEventW
InitializeCriticalSectionAndSpinCount
GetProcAddress
GetUserDefaultLCID
GetFileAttributesW
GetFileTime
GetModuleFileNameA
GetLocaleInfoA

advapi32

RegCreateKeyW
GetTokenInformation

msvcrt

??3@YAXPAX@Z
??0exception@@QAE@XZ
_amsg_exit
_initterm
_exit

version

GetFileVersionInfoSizeW

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 247KB - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ