52bcf2ad9253b9a45001112f89b6cca9

General

Target

52bcf2ad9253b9a45001112f89b6cca9
Size

287KB
MD5

52bcf2ad9253b9a45001112f89b6cca9
SHA1

95ef1bc94de5258fb1bd96e57abaacba61db4ec6
SHA256

e7b8f79b1888d8ab4c8f29c3dd98da181ea6f50c21b9b35b228d25fd31c7e4d4
SHA512

736838db8d35a6fd73e54948404028d4c1a6e5c12b95bbbe6adfd14385d95f8b827cf18bc6494057143616daf0ca12133f59cab1189f7bb0b6480fff1a59f1c3
SSDEEP

6144:IWhP1uV/jVYwQqWraia5BKl2afEjdcxhrP/M3wq:If/jySWAzKlfsqhrHY7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52bcf2ad9253b9a45001112f89b6cca9

Files

52bcf2ad9253b9a45001112f89b6cca9
.exe windows:4 windows x86 arch:x86

d05c08b8bd95f8e2214848f8d2ce9a01

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

shell32

ShellExecuteA
Shell_NotifyIconA

kernel32

GlobalUnlock
HeapSetInformation
EnterCriticalSection
GetCurrentProcess
FindAtomW
WaitForSingleObject
InitializeCriticalSection
GetSystemDirectoryW
LeaveCriticalSection
ProcessIdToSessionId
MultiByteToWideChar
GetComputerNameW
Sleep
SetLastError
MulDiv
GetLocaleInfoW
GetModuleFileNameW
GlobalHandle
CreateThread
lstrcmpW
GlobalFree
EnumResourceLanguagesW
lstrlenA
InterlockedExchange
GetTickCount
GlobalAlloc
GetStringTypeW
GetProcessId
OpenProcess
RaiseException
InterlockedDecrement
LocalAlloc
lstrlenW
WaitForMultipleObjects
CloseHandle
FlushInstructionCache
DeleteCriticalSection
CreateFileW
GlobalLock
FormatMessageW
InterlockedIncrement
WideCharToMultiByte

shlwapi

StrRetToStrA
PathIsContentTypeA
PathAppendA
SHCreateStreamOnFileEx
PathIsFileSpecA
PathCreateFromUrlW

oleacc

CreateStdAccessibleObject

Sections

.text
Size: 150KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d05c08b8bd95f8e2214848f8d2ce9a01

Headers

File Characteristics

Imports

shell32

kernel32

shlwapi

oleacc

Sections

.text Size: 150KB - Virtual size: 282KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 133KB - Virtual size: 132KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 150KB - Virtual size: 282KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 133KB - Virtual size: 132KB

.rsrc
Size: 512B - Virtual size: 4KB