50f977273a18f7df9481f9615866953f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

50f977273a18f7df9481f9615866953f
Size

244KB
MD5

50f977273a18f7df9481f9615866953f
SHA1

3310398d78e067e27563efd3d2943bf1b99305c2
SHA256

66d485fa6cc68efd527bb4cd3ebfb3a90a30e02a7d33048e64ebc37e0f1f799e
SHA512

a7d25a487a20226567b288e0e01ccf7be4d62d150a6b0443b43dbea686eb3979288c385e810b77633d153979e201a1623a3add232d953167b5881459ec56f811
SSDEEP

6144:Ah8wKrjmHCpYusZgmBRavmkmqskteMZrpyCTu16mx0wN:AizXmpu2hBuX/tXyCa16mx5N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50f977273a18f7df9481f9615866953f

Files

50f977273a18f7df9481f9615866953f
.exe windows:4 windows x86 arch:x86

a0bdb49c56b79ae8e394d1825d2c2f8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
EnumResourceNamesA
WriteProcessMemory
FindFirstFileW
FatalAppExitW
WriteConsoleInputW
GetShortPathNameA
GetModuleHandleW
VirtualLock
FreeLibrary
GetWriteWatch
EnumCalendarInfoW
GetNamedPipeInfo
lstrlenA

user32

LoadCursorA
SetSysColors
CreateDialogParamW
CloseWindow
CloseWindowStation
GetClassInfoW

gdi32

FrameRgn
UnrealizeObject
SetViewportOrgEx
GetTextFaceW
StretchBlt
GetBrushOrgEx

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE