Static task: static1
Behavioral task: behavioral1
Sample: 51d962b78719eb2608fd94850bc9506f.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 51d962b78719eb2608fd94850bc9506f.exe
Resource: win10v2004-20231215-en
General
Target: 51d962b78719eb2608fd94850bc9506f
Size: 64KB
MD5: 51d962b78719eb2608fd94850bc9506f
SHA1: e3cb17f04432b1540bf045bb9d3aea98163f287a
SHA256: 918dfaff40076038518641e20ef5c1252ffa4b771717ec0b6f204d9dc7558c32
SHA512: 9410d7c6beed383b3e81090f718953f2971ee893408b71452c842493a91407f98a08b69ea66662dc3610cd6fa72c008d144b516d3fb7b32e91343a819ed7011e
SSDEEP: 768:a2CYIMftD2K0DSzAuXdIUp45urG3skI5bFlRrAJEQWLF/VAPZ:EYvn0DoAuOBsrnXbFbAJE15i
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 51d962b78719eb2608fd94850bc9506f
Files
51d962b78719eb2608fd94850bc9506f.exe windows:4 windows x86 arch:x86
a710eab8f0abb900a065df9dc6fee42b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetCriticalSectionSpinCount
Beep
SetThreadContext
SetLocalTime
IsBadReadPtr
GetVersionExA
OpenProfileUserMapping
WaitForMultipleObjectsEx
VDMOperationStarted
GetCommMask
RequestDeviceWakeup
ClearCommError
lstrcmpi
GlobalFlags
OpenJobObjectA
GetCommandLineA
ExitProcess
GetStartupInfoA
CloseHandle
ReadFileScatter
PeekConsoleInputA
GetACP
SetConsoleCursor
WaitForSingleObjectEx
GetPrivateProfileIntA
CloseHandle
ResetWriteWatch
UnregisterWaitEx
WaitCommEvent
InterlockedCompareExchange
Sections
ATSEC0 Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
ATSEC1 Size: - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ATSEC2 Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
idata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ