51ca240c8496b40ebc322ac8c54e8d03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51ca240c8496b40ebc322ac8c54e8d03
Size

745KB
MD5

51ca240c8496b40ebc322ac8c54e8d03
SHA1

99e5424ab33852a517ec1659c8200b0f955d391c
SHA256

20ddfd361c3575556ec889a0ad421fc607b7e05f69fc7a6bd008c2a054840791
SHA512

c36bf43dabf7ee600fd2d20f8cbfe3b47d9cf401cc9e5402a4c850d23707fdb005257f8c7b9024a9fcbe2834860948273f6fce905543c4a5329fe082550e12c0
SSDEEP

12288:4i5ulr99k0DqXsNgcME0s8VCXBgjtKsbw+mzghR5QsEcNs+sKUeeMVz4A:4+SZDxohCXBgl0+Mg360ReMVs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51ca240c8496b40ebc322ac8c54e8d03

Files

51ca240c8496b40ebc322ac8c54e8d03
.exe windows:5 windows x86 arch:x86

9e0f2a1ce68192cad5c7ad41af02c1e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
SetLastError
GetModuleHandleA
GetFileTime
Sleep
GetEnvironmentVariableW
GetCurrentDirectoryW
HeapCreate
EnterCriticalSection
LocalSize
ReadFile
SuspendThread
GetFileAttributesA
GlobalLock
GetDriveTypeA
GetFileType
IsBadReadPtr
CloseHandle
ExitProcess
SetLastError
MapViewOfFile
HeapFree
SetFileAttributesW
GetCommandLineA
WaitForSingleObject

uxtheme

GetWindowTheme
CloseThemeData
GetThemeColor
GetThemeBool
IsThemeActive
OpenThemeData
GetThemeTextExtent
GetThemeTextMetrics
GetThemeEnumValue
DrawThemeEdge
SetWindowTheme
CloseThemeData
DrawThemeBackground

deskmon

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE