51152d618863dba73e95fb547767aa40 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51152d618863dba73e95fb547767aa40
Size

5KB
MD5

51152d618863dba73e95fb547767aa40
SHA1

3a673404bacdebfedf683af79909f7d0551a39af
SHA256

c94ea2ec3a262a22599878fdfb9722b80588937eeeb45e1d24ae2ad8c39313cc
SHA512

65dbf4ab0083e650dc90071e7e20d69418a3112dbbc6ca3c6e0e504c764894fc54d67542ea5f8e24a91a7b804c78041a47ff821823a2e442c5beaac993a21ddd
SSDEEP

96:QE9njWHh7tqgZYQbyLnE6ui1xv+5TJ53ZrvzXZandZ+E:bnjWHTqZmsnvuiPvQ9dlqZ+E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51152d618863dba73e95fb547767aa40

Files

51152d618863dba73e95fb547767aa40
.exe windows:4 windows x86 arch:x86

209aaa62aecce2ca410d220d23f34157

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
SendMessageA
wsprintfA
FindWindowExA
FindWindowA

urlmon

ObtainUserAgentString

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

wininet

InternetOpenUrlA
InternetOpenA
InternetReadFile
InternetCloseHandle

msvcrt

_strupr
strstr

kernel32

ExitProcess
GetCommandLineA
HeapAlloc
GetProcessHeap
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameA
GetWindowsDirectoryA
WinExec
GetSystemDirectoryA
CreateThread
CreateFileA
WriteFile
CloseHandle
Sleep

Sections

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE