51f9c992cfceaccaad25c67a647ef697 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51f9c992cfceaccaad25c67a647ef697
Size

550KB
MD5

51f9c992cfceaccaad25c67a647ef697
SHA1

69e77652efa67755be8f1e39dbe048e51f69d837
SHA256

e49cce1dcfd02abb2e32a0d874ea2270afbf4a2972451fb284c9b3786b6b51ba
SHA512

8a460555807bd72c1821fa9f863f89dc785305b426009ed6859409381d355ea7afaa29eeea48304751dd09f6865e9fb6d2f0a58e49288fd1801fbc7df47fa509
SSDEEP

12288:1z6UGgp1oATbY9jcLO+7Xik1hi0NwaITqSFFFFXch0r52s0ds0/rCZFqoW2wcb:l6Uvp1oGY9QL37nLNRufFFFFXcu4dlr8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51f9c992cfceaccaad25c67a647ef697

Files

51f9c992cfceaccaad25c67a647ef697
.exe windows:4 windows x86 arch:x86

1e35da84c22869c33d6133b36eebd7a6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
FindResourceExW
FindResourceW
GetLocaleInfoW
LoadResource
LockResource
GetStartupInfoA
RtlUnwind
SetUnhandledExceptionFilter
ExitProcess
CreateThread
HeapCreate
GetStdHandle
GetOEMCP

msvcrt

_initterm
__wgetmainargs
memset
__p__fmode
acos
__p__commode
__setusermatherr
_amsg_exit
__dllonexit
_onexit
_wcmdln
memcpy

msimg32

TransparentBlt

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ