52c01420ef80fe86afe5ecd5ad545551

Sharing

Copy URL Twitter E-mail

General

Target

52c01420ef80fe86afe5ecd5ad545551
Size

102KB
MD5

52c01420ef80fe86afe5ecd5ad545551
SHA1

9d0e71528b817c579e2ca919ab1ba8644fda6db8
SHA256

a55cfd56533c48ca7748b2e89df760d4d517482ed412e5358f3fc8072f277aa6
SHA512

cc6d7dd3aa3393475a292bee4b309a06131025358bedcf125a2a48d069e7776d4d01b1cacde04354e32c7db1a014600f9349b0a8ed62111f682adad273f8cdc0
SSDEEP

1536:sVrD3eegME/EOep1YsBEYErg4yG3jEyCFC3w:1gE/EO+YsBEYErgOs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52c01420ef80fe86afe5ecd5ad545551

Files

52c01420ef80fe86afe5ecd5ad545551
.exe windows:4 windows x86 arch:x86

526b446d1382760fe4d5ce72f5b104c7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
strncpy
strlen
strcpy
strcat
memcpy
memcmp
sprintf
strcmp
strncmp
fclose
fabs
ceil
malloc
floor
free
localtime
mktime
_strnicmp
gmtime
memmove

kernel32

GetModuleHandleA
HeapCreate
HeapDestroy
ExitProcess
GetTickCount
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CloseHandle
CreateThread
ResumeThread
SuspendThread
TerminateThread
HeapFree
HeapAlloc
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessA
PeekNamedPipe
TerminateProcess
GetExitCodeProcess
TlsAlloc
TlsSetValue
TlsGetValue
Sleep
MultiByteToWideChar
WideCharToMultiByte
GlobalLock
GlobalSize
GlobalUnlock
GlobalAlloc
GlobalFree
LoadLibraryA
GetProcAddress
FreeLibrary
SetLastError
GetVersionExA
WriteFile
CreateFileA
ReadFile
SetFilePointer
GetFileSize
HeapReAlloc
DeleteCriticalSection
GetLocalTime
WaitForMultipleObjects
GetCurrentThread
CreateSemaphoreA
ReleaseSemaphore

comctl32

InitCommonControls
InitCommonControlsEx

user32

GetForegroundWindow
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
EnableWindow
EnumWindows
DestroyWindow
ValidateRect
CallWindowProcA
GetWindowRect
GetParent
MapWindowPoints
InvalidateRect
CreateWindowExA
SetWindowLongA
SendMessageA
GetSysColor
GetSysColorBrush
GetWindowLongA
SetPropA
SetCapture
GetPropA
ReleaseCapture
RemovePropA
GetSystemMetrics
SetCursor
BeginPaint
FillRect
GetWindowTextA
GetClientRect
GetCapture
DrawStateA
EndPaint
DefWindowProcA
UpdateWindow
LoadCursorA
ShowWindow
GetWindowTextLengthA
SetWindowTextA
SetFocus
PeekMessageA
TranslateMessage
DispatchMessageA
MoveWindow
RedrawWindow
GetWindow
SetActiveWindow
UnregisterClassA
DestroyAcceleratorTable
LoadIconA
RegisterClassA
AdjustWindowRectEx
GetActiveWindow
CreateAcceleratorTableA
MsgWaitForMultipleObjects
GetMessageA
TranslateAcceleratorA
SetCursorPos
LoadImageA
SystemParametersInfoA
GetKeyState
PostMessageA
GetCursorPos
GetFocus
EnumChildWindows
DefFrameProcA
IsChild
GetClassNameA
DestroyIcon

gdi32

GetStockObject
SetBkColor
SetTextColor
SelectObject
CreateRectRgnIndirect
SelectClipRgn
DeleteObject
SetBkMode
TextOutA
GetTextExtentPoint32A
CreatePen
MoveToEx
LineTo
CreateSolidBrush
GetObjectType
GetObjectA
CreateCompatibleDC
GetDIBits
DeleteDC
CreateDIBSection
BitBlt
CreateBitmap
SetPixel

comdlg32

GetSaveFileNameA
GetOpenFileNameA

oleaut32

SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
VariantInit
DispGetParam
VariantClear

ole32

CoInitialize
CreateStreamOnHGlobal
GetHGlobalFromStream
OleInitialize
RevokeDragDrop

shell32

ShellExecuteExA

winmm

timeBeginPeriod
timeEndPeriod

wininet

InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

Sections

.code
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 734B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

526b446d1382760fe4d5ce72f5b104c7

Headers

File Characteristics

Imports

msvcrt

kernel32

comctl32

user32

gdi32

comdlg32

oleaut32

ole32

shell32

winmm

wininet

Sections

.code Size: 13KB - Virtual size: 13KB

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 1024B - Virtual size: 734B

.data Size: 8KB - Virtual size: 10KB

.rsrc Size: 41KB - Virtual size: 40KB

.code
Size: 13KB - Virtual size: 13KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 1024B - Virtual size: 734B

.data
Size: 8KB - Virtual size: 10KB

.rsrc
Size: 41KB - Virtual size: 40KB