51fa2f707ddf246ba19e22ab760611022db504e01d69eee171c1791b7183dcbf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51fa2f707ddf246ba19e22ab760611022db504e01d69eee171c1791b7183dcbf
Size

11.4MB
MD5

908f9bbc94365c9058fd6af7480fde33
SHA1

5948124f8a8f9801d4c0106917da8a86568284dc
SHA256

51fa2f707ddf246ba19e22ab760611022db504e01d69eee171c1791b7183dcbf
SHA512

76df9448a1d9b839f72ee82515d5fb44ae547b2e6acdc6d352af45a76d6631fcd3415e81b8ea8d930fadee8da717568a5a99f53a84223642b40f52d011ddd3f2
SSDEEP

196608:8Fl5poKEGK54nLHXD4oOVqMBfOo6eU7iayz+r83k8EzBnMpAf2FaqIMpbp:8rTEy3cVqMdaiayZkBzBiAeFapMpN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
51fa2f707ddf246ba19e22ab760611022db504e01d69eee171c1791b7183dcbf

Files

51fa2f707ddf246ba19e22ab760611022db504e01d69eee171c1791b7183dcbf
.exe windows:4 windows x86 arch:x86

51e9377f618b9759c75dab821ab20a91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

RegisterClassA

gdi32

GetSystemPaletteEntries

winmm

midiStreamRestart

winspool.drv

ClosePrinter

advapi32

RegCloseKey

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

UnRegisterTypeLi

comctl32

ImageList_Destroy

ws2_32

recvfrom

comdlg32

GetFileTitleA

Sections

.text
Size: 9.8MB - Virtual size: 25.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE