50e836c5a82a807ffc80f08697f1a96e | Triage

Sharing

General

Target

50e836c5a82a807ffc80f08697f1a96e
Size

68KB
MD5

50e836c5a82a807ffc80f08697f1a96e
SHA1

569bcafcc26c5d3d3ab83a9e92950a55df2d3db8
SHA256

73ef15e38911b2188dc003b120db080672d359bd29f449e0f510efae60f5c0f3
SHA512

af435e91bd145a4ec7699b5e32c17e958de74d52af44f107333b961df0708bea058915f1fc5b110f7221d2a26e929b07c2b6f6c87812abec29c333d83f997b07
SSDEEP

768:bINCnhauJSfb9zdIkIT6Puk7CWpW+rwQlCxv+IbpgTrHCtoF:bIiWb9zdIkyk7CWpW+G+Ibzt4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50e836c5a82a807ffc80f08697f1a96e

Files

50e836c5a82a807ffc80f08697f1a96e
.exe windows:4 windows x86 arch:x86

cb4072b12b053179f75a8bd14b689e89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
SizeofResource
FindResourceA
FreeLibrary
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
CloseHandle
WriteFile
CreateFileA
DeleteFileA
GetLastError
GetModuleFileNameA
GetModuleHandleA
ResumeThread
CreateProcessA
SetThreadPriority
GetCurrentThread
SetPriorityClass
GetCurrentProcess
lstrcatA
lstrcpyA
GetEnvironmentVariableA
GetShortPathNameA
SetFilePointer
ReadFile
GetFileSize
Process32Next
Process32First
CreateToolhelp32Snapshot
ExitProcess
TerminateProcess

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ddsbeck
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE