52f6ecd792ad4384b2dd1bd49d351402 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52f6ecd792ad4384b2dd1bd49d351402
Size

37KB
MD5

52f6ecd792ad4384b2dd1bd49d351402
SHA1

b10ecba792170bd3348f9614f25b4c9bed165da5
SHA256

e51843f12227e2dea4c96261421ff4f4eb04f9a2076731f5e86d87451170bda2
SHA512

b8aef71e84ce4581f129814c2ff042c6deee5d9fb3f86e218dc4b7a15457dcf0a71a9b54ff30a9a602fdf95552c1a83d5b4bf673132a8944f2d4c45a710f7c8c
SSDEEP

768:djTkXuCo6w/XZdxUeY8cZIQLFYylVN8DcRjqGJJTbCu:JTkXujrx7/cZIdCNUcR2GHiu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52f6ecd792ad4384b2dd1bd49d351402

Files

52f6ecd792ad4384b2dd1bd49d351402
.exe windows:4 windows x86 arch:x86

d60628d49d55655cbba2dada2b031beb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
IsBadCodePtr
LocalFree
lstrcpyA
VirtualProtect
GetOEMCP
GlobalFree
GetLastError
GlobalUnlock
GetStdHandle
LoadResource
HeapCreate
LoadLibraryExA
EnterCriticalSection
FreeConsole
DeleteAtom
CloseHandle
SetConsolePalette
GlobalAddAtomA
GlobalAddAtomA
WriteProfileStringA

user32

GetClassInfoExA
GetFocus
DrawEdge
IsIconic
ReleaseDC
EndPaint
GetWindowTextLengthA
ValidateRect
GetDC
GetActiveWindow
GetClassNameA
BeginPaint
CloseWindow
GetParent
ShowWindow
GetForegroundWindow
GetWindowTextA
AlignRects
GetWindow

mprapi

MprAdminUserClose
MprAdminUserWrite
MprAdminUserOpen
MprAdminUserRead
MprAdminUserGetInfo

linkinfo

CreateLinkInfoA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ