51402fd789b9991ac1b58cf6efd04cfe

General

Target

51402fd789b9991ac1b58cf6efd04cfe
Size

25KB
MD5

51402fd789b9991ac1b58cf6efd04cfe
SHA1

498482009314cdf5f4b7aeadfd8fc323cb986971
SHA256

9962663a033966a0d8bae641b656ffa05e6ad886589a5ef243ae4891a7ae57c6
SHA512

26883a5d7fc85f58a6f7f7c8771ba706a09e470cbba9e5085744e8956d69b9b9a626aa44eb7497591d6f5d98167c8a4b393f23e07fcde6c931a1236d80fc6c67
SSDEEP

384:3XJrIuedAOYIlETB0MSHbsMNnY16o9zHxBRLdSJq+96UYS3d4kHhWTMWo:3XJrAYuXHbfY16o198JqYYS7iC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51402fd789b9991ac1b58cf6efd04cfe

Files

51402fd789b9991ac1b58cf6efd04cfe
.exe windows:4 windows x86 arch:x86

cc290012f6194ab98663e0deeb87d9d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetBkColor
SetMapMode
Rectangle
GetDeviceCaps
RectInRegion
CreateSolidBrush
GetTextExtentPoint32A
ExtTextOutA
GetBkColor
Ellipse
SelectObject
DeleteObject
EndDoc

advapi32

RegCreateKeyA
ControlService
RegOpenKeyA
GetSecurityInfo
LookupPrivilegeNameA
CreateProcessAsUserA
CloseServiceHandle
AllocateAndInitializeSid
IsValidSid
RegConnectRegistryA
RegCreateKeyExA
QueryServiceStatus
SetTokenInformation

ole32

OleCreateStaticFromData
CoDosDateTimeToFileTime
CoLockObjectExternal
OleQueryCreateFromData
OleCreate
OleCreateLinkFromData
CoAddRefServerProcess
CoInitialize
OleCreateLinkEx
CoGetStdMarshalEx
CoRevokeMallocSpy
OleRegEnumFormatEtc

msvcrt

strtoul
strncmp
wcscat
fgets
strcmp
_isctype
strstr
fprintf
_getcwd
__p__commode
_wcsicmp
memmove
_strlwr

user32

DrawFrameControl
CreateDialogParamA
InvalidateRgn
GetWindowRect
DefWindowProcA
DialogBoxIndirectParamA
SetMenuItemBitmaps
SetTimer
CloseClipboard
GetMenuItemCount
RedrawWindow
PostQuitMessage

kernel32

VirtualQueryEx
GlobalUnlock
ExitProcess
CreateFileA
GlobalMemoryStatus
GetDriveTypeA
CreateProcessA
GetStdHandle
LocalFree
GetEnvironmentVariableA
OpenProcess
FatalAppExitA
RtlUnwind
GetUserDefaultLCID
IsDebuggerPresent

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc290012f6194ab98663e0deeb87d9d4

Headers

File Characteristics

Imports

gdi32

advapi32

ole32

msvcrt

user32

kernel32

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 1024B - Virtual size: 960B

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 1024B - Virtual size: 960B