052eb788598c0fc20b651cddc7dd6ca5

Sharing

Copy URL Twitter E-mail

General

Target

052eb788598c0fc20b651cddc7dd6ca5
Size

185KB
MD5

052eb788598c0fc20b651cddc7dd6ca5
SHA1

08790f6d3fa3861b83858156f48b463e1af215b2
SHA256

5ba62a88d302016ad96cfacfdc1a6dc66b8319d28b540f450c02ec9fd779d9e8
SHA512

6a9378e80484e8592d28b781e35c30e3ab255c7bebe1d85076618194f55e2b0ff9257ea7ba2d3eac90a9bac99038b7a0b41451745939e9318ac284ff4025ba87
SSDEEP

3072:3DJFQaX4YZzZOdazKeXXqbTeX+loZhTkaqGONEo43ukCIT88Yy:sqaaWeHqbTI+loZhT1Ouo436ITK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
052eb788598c0fc20b651cddc7dd6ca5

Files

052eb788598c0fc20b651cddc7dd6ca5
.exe windows:4 windows x86 arch:x86

a4fbadb67036989ffa09e1cf521a404e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExW
RegEnumValueA
RegQueryValueW
RegOpenKeyW
RegEnumKeyA
RegDeleteValueW
RegEnumKeyW
RegCreateKeyW
RegFlushKey
RegLoadKeyA
RegReplaceKeyW
RegDeleteKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegQueryInfoKeyW
RegDeleteValueA
RegQueryValueExW
RegCreateKeyExA
RegEnumValueW
RegDeleteKeyA
RegReplaceKeyW
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueA
RegOpenKeyA
RegLoadKeyA
RegLoadKeyW
RegQueryValueExW
RegDeleteValueW
RegEnumKeyA
RegCreateKeyExW
RegQueryInfoKeyA
RegReplaceKeyA
RegLoadKeyW
RegOpenKeyW
RegFlushKey
RegQueryValueExW
RegEnumKeyW
RegDeleteValueW
RegOpenKeyExA
RegGetKeySecurity
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueA
RegEnumKeyExA
RegCreateKeyW
RegQueryValueW
RegQueryValueExA
RegDeleteKeyA

kernel32

DeleteFileW
GetConsoleMode
GetConsoleCP
DeleteFileA
GetVersion
ExitThread
GetLastError
FindFirstFileA
GetProcessHeap
GetLastError
DeleteAtom
ExitProcess
CreateDirectoryA
GetConsoleOutputCP
GetCommandLineA
GetFileSize
GetFileTime
GetCommandLineA
OpenFile
ExitThread
ExitProcess
GetLastError
GetProcessHeap
CreateDirectoryA
GetLastError
CreateThread
GetCPInfo
GetFileTime
GetComputerNameA
GetVersion
FindFirstFileA
DeleteFileW
Sleep
DeleteFileA
GetCommandLineA
CreateProcessA
GetConsoleCP
FindFirstFileA
GetComputerNameA
GetConsoleMode
FindAtomA
GetFileTime
DeleteFileA
GetACP
DeleteAtom
GetStdHandle
ExitThread
CreateThread
GetConsoleOutputCP
GetOEMCP
CreateDirectoryA
Sleep
GetConsoleCP
DeleteFileW
CreateProcessA
GetLastError
ExitThread
GetConsoleMode
FindFirstFileA
GetOEMCP
GetComputerNameA
DeleteAtom
GetVersion
GetStdHandle
OpenFile
CreateDirectoryA
Sleep
DeleteFileA
GetACP
GetCommandLineA
ExitProcess
FindAtomA
GetFileSize
GetFileTime
GetStdHandle
DeleteAtom
GetConsoleMode
ExitProcess
CreateProcessA
DeleteFileW
GetProcessHeap
GlobalFree
GetCommandLineA
DeleteFileA
GetCommandLineA
CreateDirectoryA
GetLastError
ExitThread
GetConsoleOutputCP

user32

AlignRects
LoadMenuA
AppendMenuW
GetFocus
BlockInput
CalcMenuBar
GetWindowTextLengthA
DrawIconEx
GetDC
DialogBoxParamW
DialogBoxParamA
GetWindowTextA
AppendMenuA
InsertMenuA
GetMenu
CopyRect

Sections

.itext
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 145KB - Virtual size: 453KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4fbadb67036989ffa09e1cf521a404e

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.itext Size: 28KB - Virtual size: 28KB

.rdata Size: 5KB - Virtual size: 4KB

.bss Size: 145KB - Virtual size: 453KB

.idata Size: 5KB - Virtual size: 4KB

.itext
Size: 28KB - Virtual size: 28KB

.rdata
Size: 5KB - Virtual size: 4KB

.bss
Size: 145KB - Virtual size: 453KB

.idata
Size: 5KB - Virtual size: 4KB