b51532d7ffc7d2965f8643dc107b65e7

General

Target

b51532d7ffc7d2965f8643dc107b65e7
Size

170KB
MD5

b51532d7ffc7d2965f8643dc107b65e7
SHA1

7ab1ed6a9cf2485a16d3a558964bece145b5c6bd
SHA256

a78f402ea558bc32ac6c39a79e757447cde53b1da952e14c874f90efcc288e48
SHA512

f3b3422aeba8b744c8e44159d17feb9bc18e97c1b31e1bcd33c070f645e59460eddeeb309dfdd35b02d4198bc5afd196331b74ced8c85a8fa0c753fb664d3855
SSDEEP

3072:dS/8pi/mDlg+P96sCVnVkqXejRzixU30cfBM536yJms3ftt1YGWBfkJUoy:dS0M/olKVkquhixU30chs3HWByny

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b51532d7ffc7d2965f8643dc107b65e7

Files

b51532d7ffc7d2965f8643dc107b65e7
.exe windows:4 windows x86 arch:x86

671e935100c6148131cf5330a004903e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgCreateDocfile
StgOpenStorage

kernel32

GetShortPathNameA
InitializeCriticalSection
DeleteCriticalSection
IsBadReadPtr
EnterCriticalSection
GetProcAddress
ExitProcess
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetLastError
InterlockedIncrement
GetProcessHandleCount
lstrlenW
InterlockedExchange
GetModuleHandleA
GetTickCount
UnhandledExceptionFilter
IsBadWritePtr
GetACP
FreeLibrary
CloseHandle
EnumResourceTypesA
MultiByteToWideChar
GetFileAttributesA
GetCurrentThreadId
SetUnhandledExceptionFilter
CreateFileA
WideCharToMultiByte
GetCurrentProcessId
LoadLibraryA
IsDebuggerPresent
GetThreadLocale
LeaveCriticalSection
LocalFree
lstrlenA
InterlockedDecrement
GetLocaleInfoA
GetVersionExA

user32

wsprintfA
wsprintfW

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA

advapi32

RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA
RegSetValueExA

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

671e935100c6148131cf5330a004903e

Headers

File Characteristics

Imports

ole32

kernel32

user32

setupapi

advapi32

shell32

Sections

.text Size: 97KB - Virtual size: 96KB

.rdata Size: 2KB - Virtual size: 1KB

.bss Size: 69KB - Virtual size: 69KB

.edata Size: 1024B - Virtual size: 92KB

.text
Size: 97KB - Virtual size: 96KB

.rdata
Size: 2KB - Virtual size: 1KB

.bss
Size: 69KB - Virtual size: 69KB

.edata
Size: 1024B - Virtual size: 92KB