51c743b190c56d60f447b5f6d1bbfa0a

General

Target

51c743b190c56d60f447b5f6d1bbfa0a
Size

60KB
MD5

51c743b190c56d60f447b5f6d1bbfa0a
SHA1

44c09dbaa776253f7482575cffe8dffe07d3511d
SHA256

8639022353669c3abf68fec2043b993d7906d629d57e17753398ab99372a97b8
SHA512

bfa03043186ef9af797588a30d6c107c5f96f001613e3c1b53d965bbb480df1088aa8f5779a9a6a354c1be161c13073a60283af5ca28dddd29ee5eaef02be21a
SSDEEP

1536:lQsNsI/bBtdaSPknSM9tUNO5MYWYnad9qmlj4JNbG3ksai+a:l5sY1QVUedW3hj4JA4i+a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51c743b190c56d60f447b5f6d1bbfa0a

Files

51c743b190c56d60f447b5f6d1bbfa0a
.exe windows:4 windows x86 arch:x86

7bcd38482d8c6a823ba7574fc8cddf93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
EraseTape
CreateProcessA
WriteConsoleOutputAttribute
LocalHandle
SignalObjectAndWait
DebugBreak
GetQueuedCompletionStatus
FatalAppExitW
CreateToolhelp32Snapshot
SetLocaleInfoW
GetConsoleCommandHistoryLengthA
SetEnvironmentVariableA
GetLastError
CallNamedPipeA
SetSystemTimeAdjustment
WriteFileEx
GlobalGetAtomNameA
ResetWriteWatch
GetFullPathNameW
WritePrivateProfileStringW

msvcrt

memcmp
_sys_nerr
_ctime64
??3@YAXPAX@Z
_mbsnset
__threadhandle
memcpy
_cgets
_commit
_write
_outpw
__lc_handle
strspn
memmove
_adj_fdivr_m16i
_mbsncoll
toupper
_mbslwr
_wfindfirst

gdi32

GetTextFaceW
EngGetPrinterDataFileName
CreateColorSpaceW
EngFillPath
GetTextExtentPointI
GdiPlayJournal

shlwapi

StrDupW
IntlStrEqWorkerA
AssocQueryStringW
PathFindFileNameA
AssocQueryKeyW
PathFileExistsA
SHEnumValueA
StrFormatByteSize64A
PathGetArgsA
SHDeleteOrphanKeyA
StrCmpNA
UrlHashA
SHRegCloseUSKey
AssocQueryStringByKeyW
StrCmpNIW
UrlHashW
SHRegDeleteUSValueA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bcd38482d8c6a823ba7574fc8cddf93

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

shlwapi

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 50KB - Virtual size: 49KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 20B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 50KB - Virtual size: 49KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 20B