52e104764038f0877bdd484cae4a6357

Sharing

Copy URL Twitter E-mail

General

Target

52e104764038f0877bdd484cae4a6357
Size

288KB
MD5

52e104764038f0877bdd484cae4a6357
SHA1

16b7b6069d8afec7029ad2603a3ca80f5f5970a3
SHA256

fc88fb7a819c6fda32bec3ae9f5ec022deee074583fcbbea8f8e46b3af04681b
SHA512

bad507f33fc202391a756411422fc9cfea7c4baaf8d78efa5e093146f6cbf8ccb70236246f2892fedaf92565c6f6078c1c0da08929e22a65aba90bbff425ccd2
SSDEEP

6144:EaQwfhUayTT1rfTaEEZ6FXsEounF8J9fN16j3o:pFByTT1zOEu67ounK9FYj3o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52e104764038f0877bdd484cae4a6357

Files

52e104764038f0877bdd484cae4a6357
.exe windows:9 windows x86 arch:x86

3ee7ac81f5bedc9667a9bd0dcb9de538

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

VerifyVersionInfoW
CreateFileW
GetTickCount
GetModuleHandleA
CancelIo
GetEnvironmentStrings
CloseHandle
WaitForSingleObject
OpenProcess
CreateWaitableTimerW
LeaveCriticalSection
SetEvent
LocalFree
MapViewOfFile
CancelWaitableTimer
GetSystemDirectoryW
DuplicateHandle
FreeLibrary
CreateEventW
CloseHandle
SetPriorityClass
WaitForMultipleObjectsEx
DeleteCriticalSection
VirtualAlloc
lstrcpyW
VirtualFree
EnterCriticalSection
lstrlenW
LoadLibraryW
GetTickCount
FlushInstructionCache
InterlockedIncrement
GetOverlappedResult
GetCommandLineW

gdi32

CreateSolidBrush
SelectObject

hid

HidD_FreePreparsedData
HidD_GetPreparsedData
HidP_GetSpecificValueCaps
HidP_GetUsageValue
HidP_MaxUsageListLength
HidP_GetUsages

ole32

CoTaskMemAlloc
CoInitializeSecurity

advapi32

RegOpenKeyExA
OpenThreadToken
RegQueryValueExA
RegOpenKeyExW
GetTokenInformation
RegDeleteKeyW
SetSecurityDescriptorGroup
CopySid

user32

GetDoubleClickTime
OpenInputDesktop
CloseDesktop
RegisterDeviceNotificationW
ClientToScreen
GetThreadDesktop
IntersectRect
GetSysColorBrush
GetMonitorInfoW
GetWindowLongW
CallWindowProcW
UpdateLayeredWindow
SetWindowsHookExW
SystemParametersInfoW
EqualRect
SetWindowLongW
ShowWindow
SendInput
MoveWindow
GetUserObjectInformationW
FillRect
GetAncestor
SetThreadDesktop
ReleaseDC

msvcrt

__p__fmode
_vsnwprintf
exit
??2@YAPAXI@Z
_wfopen
__dllonexit
_exit
wcscmp
_beginthreadex
_XcptFilter
__set_app_type
_itow
_onexit
_initterm
__setusermatherr
??3@YAXPAX@Z
_adjust_fdiv
_wcmdln
_c_exit

atl

ord57
ord18
ord58

setupapi

SetupDiDestroyDeviceInfoList

Sections

.text
Size: 202KB - Virtual size: 202KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ee7ac81f5bedc9667a9bd0dcb9de538

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

hid

ole32

advapi32

user32

msvcrt

atl

setupapi

Sections

.text Size: 202KB - Virtual size: 202KB

.data Size: 51KB - Virtual size: 51KB

.rsrc Size: 33KB - Virtual size: 584KB

.text
Size: 202KB - Virtual size: 202KB

.data
Size: 51KB - Virtual size: 51KB

.rsrc
Size: 33KB - Virtual size: 584KB