51bd2b0c38f3d853f2bb540ee6489b82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51bd2b0c38f3d853f2bb540ee6489b82
Size

189KB
MD5

51bd2b0c38f3d853f2bb540ee6489b82
SHA1

05ceeff0bec30d8998c8f53830cc8de15315e134
SHA256

f5c1f1cba2c8a78d6f7746568f806573cc169b2c76830e03f7f119219c464f57
SHA512

2754371fd19fbb4b9dece19410b3d4e7ff5131b823a14674e68eeee8c0738aefee8ce17389c59de0d16ae6372c226e3d796c139505bf75b43f84407d04a175e3
SSDEEP

3072:jxInhUSCPhs1y7OfKhdhTZA0mPPVtza6v/1ovu19xcNJDCr:KhUSeUy7OSh7TZA0mHVpaIsixc3DC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51bd2b0c38f3d853f2bb540ee6489b82

Files

51bd2b0c38f3d853f2bb540ee6489b82
.exe windows:4 windows x86 arch:x86

a3e0a2aa89978b6935b48415f714b797

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfile
StgOpenStorage

kernel32

lstrlenA
CloseHandle
IsBadWritePtr
GetShortPathNameW
SetUnhandledExceptionFilter
DeleteCriticalSection
GetProcessTimes
CreateFileA
LoadLibraryA
lstrlenW
GetLastError
IsBadReadPtr
EnumResourceTypesA
GetProcAddress
MultiByteToWideChar
GetCurrentProcessId
IsDebuggerPresent
ExitProcess
LocalFree
GetCurrentThreadId
InitializeCriticalSection
GetModuleHandleA
FreeLibrary
GetThreadLocale
UnhandledExceptionFilter
WideCharToMultiByte
GetVersionExA

user32

wsprintfA
wsprintfW

msvfw32

ICClose
ICOpen
ICSendMessage
ICDecompress

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ