51d583e27fdb3798d7e7b59500c429b7

General

Target

51d583e27fdb3798d7e7b59500c429b7
Size

100KB
MD5

51d583e27fdb3798d7e7b59500c429b7
SHA1

3b05a8a0594124f030ee0a66824f1e3198619c22
SHA256

ff28d891248a58210a3a7218f6173c1986723dadd6536b32ce2fbf3c4bb87e6e
SHA512

2ea36245627236b77700790b4ff1ff4f9f079394ca91451ae6fec6c56eafa4d25a25588b17acbe00c071ca01b9dd0a4328a0a3de72fc791f9a2f12aea8dc9e16
SSDEEP

1536:OQkVjEGbR897GCBEzMJoQUxHa11i4x+dgt/yQ/O17xjuzw:PkVDR897Gj2oQ8HA1i4x+dgJyzzu8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51d583e27fdb3798d7e7b59500c429b7

Files

51d583e27fdb3798d7e7b59500c429b7
.exe windows:4 windows x86 arch:x86

60efa693a19725b0dd128cb84a9a313f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
RegOpenKeyExA

kernel32

SearchPathA
GetModuleFileNameA
GetModuleHandleA
lstrcatA
ShowConsoleCursor
GetFileSize
Sleep
RemoveDirectoryA
lstrlenA
GetShortPathNameA
CopyFileA
lstrcpynA
lstrcpyA
GetUserDefaultUILanguage
MoveFileA
GetFullPathNameA
SetFileAttributesA
lstrcatW
CreateTimerQueue
WaitForSingleObjectEx
SetEnvironmentVariableW
SetLocalTime
FlushConsoleInputBuffer
GetCurrentConsoleFont
WaitForMultipleObjects
QueryPerformanceCounter
ExitProcess
GetConsoleCP
LocalReAlloc
WaitCommEvent
IsDBCSLeadByteEx
GetSystemTimeAsFileTime
SetThreadAffinityMask
GetModuleHandleA
CreateTimerQueueTimer
GetCurrentThreadId
GlobalMemoryStatus
SetConsolePalette
ClearCommError

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

user32

SendDlgItemMessageA
ShowWindow
CreateWindowExA
GetDlgItemTextA
SetWindowTextA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 84KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

60efa693a19725b0dd128cb84a9a313f

Headers

File Characteristics

Imports

advapi32

kernel32

version

user32

Sections

.text Size: 5KB - Virtual size: 5KB

.data Size: 7KB - Virtual size: 35KB

.rsrc Size: 2KB - Virtual size: 2KB

.rdata Size: 84KB - Virtual size: 160KB

.text
Size: 5KB - Virtual size: 5KB

.data
Size: 7KB - Virtual size: 35KB

.rsrc
Size: 2KB - Virtual size: 2KB

.rdata
Size: 84KB - Virtual size: 160KB