52223ac7e020777852fbed68b6323582 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52223ac7e020777852fbed68b6323582
Size

15KB
MD5

52223ac7e020777852fbed68b6323582
SHA1

5c11546bd52cf36387be11e207eb1dbf01903dde
SHA256

5e4ac5a31c73c0101d94e5b855431568bc244a32032ce48e015fd998d007db11
SHA512

2da1816e1e8d54745d77e49638bb40f47719f3038c06572a32cfb3e0fef53e0ed38f484be837220a303b8db0e1692447e74044e87604fc647aa44690aa1c6fbc
SSDEEP

384:TxAfBpoj0SMlcTzOwyjqROv8AkVkqCzfr:Topr9COZSOUAAg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52223ac7e020777852fbed68b6323582

Files

52223ac7e020777852fbed68b6323582
.dll windows:4 windows x86 arch:x86

b88d7095335503d80dd15de3cc9fd79e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

CallWindowProcW
RegisterClassExW
ReleaseDC
OemKeyScan
InvalidateRect
GetWindowContextHelpId
GetDC
wsprintfA

kernel32

HeapReAlloc
lstrlenA
lstrcatA
SystemTimeToFileTime
SleepEx
Sleep
RtlMoveMemory
BeginUpdateResourceA
CloseHandle
CreateThread
DeviceIoControl
ExitProcess
ExitThread
FlushViewOfFile
GetCommandLineA
GetProcessHeaps
GetSystemTime
GetTickCount
GlobalAlloc
GlobalFree
OpenMutexA
LoadLibraryA
LoadLibraryExA

gdi32

BitBlt
CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetCurrentObject
GetDeviceCaps
SelectObject

Exports

Exports

vd19rb

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ