51bd58883a501c7127ef3276fcfa4b53 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51bd58883a501c7127ef3276fcfa4b53
Size

97KB
MD5

51bd58883a501c7127ef3276fcfa4b53
SHA1

bccb8d12fd0b8bf88bab96735737c90f0a227031
SHA256

3fbac63f5929d8287e0cc0483bd5d8f3cf7bd5e0408751a12895cd614db4fdf9
SHA512

52e251e8143e71f592d303f70146535ec367a96e44f0bc6cb960bcc8cab42cdbe3be1c2c1dfbf1e7745d48904f86d4cfe79313e10af3d2733174617483ca53b0
SSDEEP

1536:2i83AXk5PruR1Ps+PflxX0D+H1/ChbpQxRPjjke:2i83A0ARDX0sghbux9jjke

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51bd58883a501c7127ef3276fcfa4b53

Files

51bd58883a501c7127ef3276fcfa4b53
.exe windows:4 windows x86 arch:x86

51fe48de2a0a2a39ed4e46113168cef5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
GetDC
GetDesktopWindow
CharNextA

kernel32

GetStartupInfoA
GlobalFindAtomW
RemoveDirectoryA
GetDriveTypeA
lstrcmpA
GetVersion
GetUserDefaultLangID
SetCurrentDirectoryA
GetTickCount
SetLastError
GetThreadLocale
lstrcmpiA
DeleteFileA
IsDebuggerPresent
GetCurrentProcessId
GetCurrentProcess
GetModuleHandleW
GetProcessHeap
GetWindowsDirectoryA
DeleteFileW
GlobalFindAtomA
GetCurrentThread
MulDiv
GetACP
GetCommandLineA
GetCurrentThreadId
GetLastError
GetConsoleOutputCP
CopyFileA
lstrlenW
GetCommandLineW
QueryPerformanceCounter
GetModuleHandleA
lstrcmpiW
LoadLibraryW
Sleep
lstrlenA
GetOEMCP
VirtualAlloc

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ