52a1f95ac2fbded723223dab71915cef9dff6c8e0396434f079ce52135b5c16e

General

Target

52a1f95ac2fbded723223dab71915cef9dff6c8e0396434f079ce52135b5c16e
Size

60KB
MD5

cf04bb350f45f82277bbf4eba077ea4a
SHA1

d2d3d69327a6e5fddd0a6f7c7b9d9b7e06568d5a
SHA256

52a1f95ac2fbded723223dab71915cef9dff6c8e0396434f079ce52135b5c16e
SHA512

ad7d5521fd55761257fa54e907d122afaed7e79a10844cb5b14727a7f3fc83170027c6c2f408985dcfd0a8cf379846ac01b4af4df3cddd43a4df80ee8086e1b7
SSDEEP

1536:J3Bq84B6dVaqptynQLFg00NSM1Z47DCmdSaFF1qP:J3iQHm8e4w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52a1f95ac2fbded723223dab71915cef9dff6c8e0396434f079ce52135b5c16e

Files

52a1f95ac2fbded723223dab71915cef9dff6c8e0396434f079ce52135b5c16e
.exe windows:4 windows x86 arch:x86

240e3651278ec05845b1de2929341f50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfo

kernel32

LocalSize
lstrcpyn
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
MultiByteToWideChar
GetUserDefaultLCID
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA
RtlMoveMemory
WideCharToMultiByte

user32

CreateIconFromResource
GetClassInfoExW
DefFrameProcW
EndDialog
CreateWindowExW
DefMDIChildProcW
wsprintfA
MessageBoxA

comctl32

ImageList_AddMasked
ImageList_Add
ImageList_Create

msvcrt

free
strchr
??2@YAPAXI@Z
sprintf
_ftol
malloc
strstr
??3@YAXPAX@Z
atoi

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitialize

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetDim
VariantInit
VariantTimeToSystemTime
SafeArrayGetElemsize
OleLoadPicture
VariantChangeType
SafeArrayDestroy
VariantClear
SysAllocString
SafeArrayCreate
VariantCopy

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

240e3651278ec05845b1de2929341f50

Headers

File Characteristics

Imports

shell32

kernel32

user32

comctl32

msvcrt

ole32

oleaut32

Sections

.text Size: 40KB - Virtual size: 40KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 17KB - Virtual size: 65KB

.text
Size: 40KB - Virtual size: 40KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 17KB - Virtual size: 65KB