50940d9e8e04fa1522fc59c6fa30890a | Triage

Sharing

General

Target

50940d9e8e04fa1522fc59c6fa30890a
Size

184KB
MD5

50940d9e8e04fa1522fc59c6fa30890a
SHA1

36d32efa797c6d9012fd335ce8076f2b7d11456b
SHA256

9c0f08d466f403f8a864def29e36083ec4ab9294818f54e2671baa301125c451
SHA512

50631bd76f8fd03fc046a39564cc026203bb2502c73d46821d4ec6c6578f67463ef96eb8599484dd1e69ffa308d07144d079ce61f496d3e46beab9d55c658ea1
SSDEEP

3072:MkrKgj3iC3cEx5pgfsuUTRqoFTL6RxHbjukkGrPE01QJ1qLz3BBK5Iem+7xx7r3Q:MkrK0iCMo5OfUTQoFTGX7sGr/uILF4xB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50940d9e8e04fa1522fc59c6fa30890a

Files

50940d9e8e04fa1522fc59c6fa30890a
.exe windows:4 windows x86 arch:x86

f3e53b53323386476a7ba7a51b5d0cad

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
Module32Next
GetConsoleCommandHistoryW
FindAtomA
GetConsoleInputExeNameA
QueueUserWorkItem
CreateFiber
SetConsoleInputExeNameA
IsSystemResumeAutomatic
WritePrivateProfileSectionA
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetConsoleKeyboardLayoutNameA
IsBadWritePtr
GetSystemWindowsDirectoryW
ReadConsoleOutputA
FreeConsole
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

SetMenuItemInfoW
MapDialogRect
UnregisterClassA
CloseWindowStation
SetConsoleReserveKeys
GetUserObjectInformationA
ScrollChildren

shell32

SHGetPathFromIDListW
SHGetIconOverlayIndexW
ShellExec_RunDLLW
SHIsFileAvailableOffline

Sections

.text
Size: 5KB - Virtual size: 805KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE