51293dedae7b17f82b06fcee215ddbe7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51293dedae7b17f82b06fcee215ddbe7
Size

190KB
MD5

51293dedae7b17f82b06fcee215ddbe7
SHA1

02089f66a34839e3a5ccaeec3d5a204596d297e1
SHA256

69dfa674340a722a98931d7da0d937161925412273a40cfe9be6857f5e0c69a6
SHA512

94360aff70974f45e4b836dbdaaea90c6ee0da3cebb22c2419ce39fc4499ca1c15547f666ab1a8bd821d8d181aaada97ab6486a92a550f4be0d7c4400563b9a6
SSDEEP

3072:MEKS7Xi1goJj6L/zA3V2Qw9Rc7mShdlGxMK5xqgv4syg+h+g5p886I6YVR5BKB/l:MEKSNGjW/M3czRcqS/lKzqg1yDh+g5pu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51293dedae7b17f82b06fcee215ddbe7

Files

51293dedae7b17f82b06fcee215ddbe7
.exe windows:4 windows x86 arch:x86

0ff084abdcd459090c4d5c59921e4875

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExW
GetStringTypeW
RegisterConsoleIME
GenerateConsoleCtrlEvent
IsBadHugeWritePtr
GetLargestConsoleWindowSize
MapViewOfFile
GetPrivateProfileIntW
IsSystemResumeAutomatic
CancelTimerQueueTimer
GetNumberOfConsoleInputEvents
QueryPerformanceFrequency
GetTimeZoneInformation

user32

GetKeyState
RedrawWindow
GetWindowModuleFileNameW
AllowSetForegroundWindow
DlgDirListW
TranslateAcceleratorA
User32InitializeImmEntryTable
SetDlgItemTextA
IsIconic
TrackPopupMenuEx
GetAppCompatFlags
DrawCaption
InitializeLpkHooks

Sections

CODE
Size: 9KB - Virtual size: 809KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 177KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ