51eec9750cf81e61d63413f3cb502938 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51eec9750cf81e61d63413f3cb502938
Size

406KB
MD5

51eec9750cf81e61d63413f3cb502938
SHA1

fc643babb64b95c6b4ba79ed1bd1098488eacb00
SHA256

799e908efe7c9bb106685de89bf89de4313a1e8a2a94e1c2a1bac55a13310035
SHA512

e46b6f6c6e479f729c5903b48ee3d772580bd7da21e76571b94835da2e54da7565f89e9940e19465967682a8419fab16fc806cc50e7c4d0e5b67f229a30b3e51
SSDEEP

6144:JoovHuWq5bs222CISRTSN+akKJSmM0K15zlObaylRXT4Qs0JnMI8:ROWqRs2h3SSN+aYm7A5zkayzDXM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51eec9750cf81e61d63413f3cb502938

Files

51eec9750cf81e61d63413f3cb502938
.exe windows:4 windows x86 arch:x86

e8b4d37c98298e8cad1fc045e8082ea0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
FillConsoleOutputAttribute
GetModuleFileNameA
GetProcAddress
VirtualAlloc
HeapReAlloc
GetConsoleTitleW
SuspendThread
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapAlloc
ReadConsoleOutputAttribute
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
WriteConsoleA
FileTimeToSystemTime
FlushFileBuffers
InterlockedExchange
RtlUnwind
GetPrivateProfileStructW
QueryPerformanceCounter
VirtualQuery
LoadLibraryA
GetDiskFreeSpaceW
OpenEventW
LockResource
EnumResourceNamesA
ExitProcess
GetTickCount

shell32

SHFileOperationW
RealShellExecuteA
SHFileOperation
FindExecutableW
SHGetSpecialFolderPathA
DragQueryPoint
DragQueryFileAorW
ShellExecuteW
SHQueryRecycleBinA
SHInvokePrinterCommandA
SheGetDirA
SHGetSpecialFolderPathW
SHGetMalloc
SHAddToRecentDocs
SHQueryRecycleBinW
SHBrowseForFolderW

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 263KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ