Static task
static1
Behavioral task
behavioral1
Sample
51fc015e9f0d76e6758f10e2ed89b749.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
51fc015e9f0d76e6758f10e2ed89b749.exe
Resource
win10v2004-20231222-en
General
Target
51fc015e9f0d76e6758f10e2ed89b749
Size
281KB
MD5
51fc015e9f0d76e6758f10e2ed89b749
SHA1
0d2c1ea4e18105bff6d4799bfa501a72a9b88dc6
SHA256
8c296d65abbf73c1ad06d905e071c7476c7d6531b944264ad5d159be1bc57ba1
SHA512
44ad60c9624d8091c4e9b538871c9d3edbcf047a81a6f7f30592bb4d0854df1cfdd7f8e09da3c5489aeea13d9545ecbc14ffb48c3f67770df2faecaaf45a33a9
SSDEEP
6144:JuZtcqY3KGkmolFPMT9W4u7Yhnb30mdfAIiHUB2EpXB0xox9yX8/2:JunUxLNJWAnb3DUO9B9ye2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 51fc015e9f0d76e6758f10e2ed89b749
Files
51fc015e9f0d76e6758f10e2ed89b749.exe .ps1 windows:4 windows x86 arch:x86 polyglot
dc3e2dd7fcefb29dac7349581441c386
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FreeLibrary
LoadLibraryA
FlushFileBuffers
TlsSetValue
InterlockedDecrement
GetConsoleMode
HeapDestroy
WaitForSingleObject
LoadResource
InitializeCriticalSection
GetSystemInfo
HeapCreate
GetCPInfo
FreeEnvironmentStringsA
EnterCriticalSection
DeleteCriticalSection
SetStdHandle
GetUserDefaultLCID
GetSystemDefaultLCID
GetLastError
GetCommandLineW
GetSystemDefaultLangID
GetTickCount
GetCurrentThread
GetCurrentProcess
GetCurrentThreadId
GetUserDefaultLangID
GetModuleHandleA
GetCurrentProcessId
GetVersion
VirtualAlloc
GetModuleHandleW
GetCommandLineA
user32
SetWindowPos
SetFocus
InvalidateRect
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 270KB - Virtual size: 269KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ