51a5e0c3bd7d4b831f4a673ba3183328 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51a5e0c3bd7d4b831f4a673ba3183328
Size

214KB
MD5

51a5e0c3bd7d4b831f4a673ba3183328
SHA1

3cb6e3d0f5a04ceace7550c91cc89782d3aff666
SHA256

e4f8b33c77c53933814e2abd8180a38dacbecafd702519b8606e9995d63ec981
SHA512

81245f558139f596387649a5ea3250de32d4214697d6bbc4d30090717f9b3021bcea3642c94a0a229770c829e54581c8c7e41e882252b47230fed86f65175988
SSDEEP

6144:uAuXQKe11R+dXVTpjwb2wgdfx+kdQf205HI:upS+dXTcKkkCf20tI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51a5e0c3bd7d4b831f4a673ba3183328

Files

51a5e0c3bd7d4b831f4a673ba3183328
.exe windows:5 windows x86 arch:x86

7782777fdf195de7f73db14cc6df6f5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

exit

shlwapi

StrToInt64ExA
StrRStrIA
ChrCmpIA

user32

GetClipCursor
MapVirtualKeyW
GetMenu
MapVirtualKeyExW
ShowOwnedPopups
MapDialogRect
wsprintfA
EnumThreadWindows
FindWindowExA
EqualRect
DestroyCursor
RegisterWindowMessageW
GetDlgItemTextW

gdi32

CreateFontIndirectA
RectInRegion
SetViewportOrgEx
SetROP2
ExcludeClipRect
SetRectRgn

kernel32

SetupComm
FileTimeToSystemTime
IsValidLanguageGroup
lstrlenW
ExitProcess
ResetEvent
GetModuleHandleA
IsBadReadPtr

Exports

Exports

?R_IAOIZEP_BP_Z_@@YGPAXH@Z
?_Q__TglhQN_PGenxaz@@YGJPAEPAH@Z
?__agueVF_O_FGNXAC_P_QN@@YGEG@Z
?BUQPc_r@@YGHPAG@Z
?osw_tDEPZ@@YGPAK_NPAM@Z
?iqu_cyk__QVK_TWKWTQ__@@YGPAFHM@Z
?HG_ZK_ZDzgO_AN_DJY__X_@@YGEPAHI@Z

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 140KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 580B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ