51a3706693f1072c3b04a1e2f9daef1a

Sharing

Copy URL Twitter E-mail

General

Target

51a3706693f1072c3b04a1e2f9daef1a
Size

161KB
MD5

51a3706693f1072c3b04a1e2f9daef1a
SHA1

eca94359d992b843b1c761db55483033854d53dd
SHA256

4ef396fe55581e51001672c5ae445c3988e97c703bf259b0b55579402e437fac
SHA512

213fa3919f60f2dd47bedd1de9c5ee83e070e05e9d619e395fbb011e29ee71f937d5e9444ce2ed51ae95babd7d4cee2c6456dee8168b03ec50bdf0cdd11fcda7
SSDEEP

3072:4oMEihvKAc/jMNLGYF9shEE61cCLm4TMm8Qh0D7tWY4tXhmyig:4VZC/INqYFmhEE6Mm8YgF8m4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51a3706693f1072c3b04a1e2f9daef1a

Files

51a3706693f1072c3b04a1e2f9daef1a
.exe windows:4 windows x86 arch:x86

4ecb63b36f39f4b4d461365842718167

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

MessageBoxW
DispatchMessageW
MapWindowPoints
GetClientRect
SetCapture
SetWindowTextW
EndPaint
GetWindowRect
SetDlgItemTextW
CreateWindowExW
GetParent
LoadCursorW
TranslateMessage
GetDC
BeginPaint
GetAncestor
PeekMessageW
GetClassInfoExW
GetWindow
RegisterClassExW
GetWindowTextLengthW
GetWindowInfo
SetWindowPos
GetDlgItemTextW
DestroyWindow
SystemParametersInfoW
EndDialog

winspool.drv

DocumentPropertiesW

kernel32

SetStdHandle
MulDiv
SetLastError
HeapCreate
GetConsoleMode
InterlockedCompareExchange
GetCurrentThreadId
FlushFileBuffers
lstrcpynW
LockResource
GetConsoleCP
SizeofResource
CreateFileA
Sleep
FindResourceW
HeapSize
WriteConsoleW
GetConsoleOutputCP
CheckRemoteDebuggerPresent
GetCPInfo
WaitForSingleObject
LocalAlloc
WideCharToMultiByte
RaiseException
LCMapStringA
VirtualFree
TlsSetValue
HeapDestroy
InterlockedExchange
GetSystemTimeAsFileTime
GetACP
GetVersion
QueryPerformanceCounter
TlsAlloc
CopyFileW
GetCurrentProcessId
EnumResourceTypesW
CreateFileMappingW
LCMapStringW
FlushInstructionCache
GetStringTypeW
IsDebuggerPresent
TlsGetValue
SetUnhandledExceptionFilter
InitializeCriticalSection
GetDriveTypeW
GetCurrentProcess
LoadResource
lstrlenA
GetStartupInfoA
GetStringTypeA
CreateSemaphoreW
GetThreadLocale
TlsFree
LeaveCriticalSection
WriteConsoleA
LoadLibraryA
LocalFree
WritePrivateProfileSectionW
GetOEMCP
GetLocaleInfoA
SetFilePointer
IsProcessorFeaturePresent
lstrcmpA
VirtualAlloc
GetTickCount
GetFileType

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ecb63b36f39f4b4d461365842718167

Headers

File Characteristics

Imports

user32

winspool.drv

kernel32

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 50KB - Virtual size: 49KB

.isete Size: 1024B - Virtual size: 96KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 50KB - Virtual size: 49KB

.isete
Size: 1024B - Virtual size: 96KB