51db82a0d265f92a17e2c19c9c8286dd

General

Target

51db82a0d265f92a17e2c19c9c8286dd
Size

24KB
MD5

51db82a0d265f92a17e2c19c9c8286dd
SHA1

c5899e732c76234ae78b744543d58377d91317fa
SHA256

5b3ed517062dbcdfdb666264d099c19416c5fe2c5d20c62036cec6116c1c71dd
SHA512

4c7221c36718e2c4fa7b47dddb777060b972a7428569ceac587575106420dbeed2f008f1af6fbacf5f75d2d5e257681fd87b9336756229753fb5b05acf1afcf6
SSDEEP

768:JaK6WQcmtlvYY444z7H/M2HHHHHCHm1ASoK:JaK6RnYVHHHHHCHyASL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51db82a0d265f92a17e2c19c9c8286dd

Files

51db82a0d265f92a17e2c19c9c8286dd
.exe windows:5 windows x86 arch:x86

65ce4c256c8427ed873f4bc1fb8961b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_wsopen
fputwc
__p__iob
_wctime
_wutime64
_ismbbtrail
__p__osver
perror
__RTCastToVoid
_longjmpex

kernel32

GetSystemPowerStatus
QueryDosDeviceA
IsDebuggerPresent
DeleteVolumeMountPointW
LocalHandle
EnumResourceLanguagesA
AddConsoleAliasA
OpenDataFile
WriteProfileSectionW
GetModuleHandleA
FoldStringW
GetProcessVersion
MapUserPhysicalPagesScatter
GetCommandLineA
GetStartupInfoA

ole32

CoGetClassVersion
StgConvertVariantToProperty
CoResumeClassObjects
OleSetClipboard
MonikerCommonPrefixWith
HMETAFILE_UserFree

gdi32

GdiResetDCEMF
HT_Get8BPPMaskPalette
GetEnhMetaFilePixelFormat
FONTOBJ_vGetInfo
RemoveFontResourceA

user32

ScrollChildren
IsChild
ResolveDesktopForWOW
SendDlgItemMessageW
TranslateAccelerator
GetClassInfoExA
DlgDirListComboBoxA
OpenInputDesktop

advapi32

GetOldestEventLogRecord
GetWindowsAccountDomainSid
CryptEnumProviderTypesA
LookupSecurityDescriptorPartsW
OpenTraceW
WmiNotificationRegistrationW
CryptSetProvParam
ObjectCloseAuditAlarmW
RegOpenKeyW

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65ce4c256c8427ed873f4bc1fb8961b2

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

ole32

gdi32

user32

advapi32

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 2KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 872B

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 2KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 872B