052e54b071a933b645f5c943f7afe479

Sharing

Copy URL

Twitter E-mail

General

Target

052e54b071a933b645f5c943f7afe479
Size

523KB
MD5

052e54b071a933b645f5c943f7afe479
SHA1

bc2ce0b2718ca77375e3705d78bfb4a041bff2b6
SHA256

f7a1448c673d58f7e1e3a3877882a88151ba95ed037b890c659baea07914722f
SHA512

275c6e1942e7402f780dd285069eca7798fb34d0982767baaee91d2ce48ccbd33df85081414775ff3acd0c04d4772c0eb058a897d98ceeacecf9db473bbc6425
SSDEEP

12288:TVGf85GkxohcpOB/mRGNk/e8Fys3SmgJ8jVq23MN:ZGf85Cc89pEys3SmgsVr3o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
052e54b071a933b645f5c943f7afe479

Files

052e54b071a933b645f5c943f7afe479
.exe windows:4 windows x86 arch:x86

75d75dd7e85e273e3c467e7520b86875

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

gdiPlaySpoolStream
GetCharABCWidthsA

kernel32

HeapReAlloc
HeapAlloc
HeapDestroy
WaitNamedPipeW
LCMapStringA
GetLocaleInfoW
GetProcessHeap
GetStdHandle
UnhandledExceptionFilter
GetCPInfo
SetEnvironmentVariableA
GetCommandLineA
MultiByteToWideChar
VirtualAlloc
CloseHandle
LocalFree
LoadLibraryA
HeapFree
ExitProcess
GetTimeFormatA
FlushFileBuffers
WriteConsoleA
IsValidCodePage
GetModuleHandleA
GetTickCount
CreateFileA
GetEnvironmentStrings
QueryPerformanceCounter
GetLocaleInfoA
InterlockedDecrement
TlsGetValue
GetVersionExA
CompareStringA
TlsAlloc
GetUserDefaultLCID
GetEnvironmentStringsW
VirtualQuery
GetCurrentThreadId
GetACP
GetConsoleCP
GetStartupInfoA
GetModuleFileNameA
GetDateFormatA
OpenMutexA
lstrcpyW
GetStringTypeW
GetPrivateProfileStringA
TlsFree
GetProcAddress
WritePrivateProfileStructA
ReadFile
WriteConsoleW
FreeLibrary
SetStdHandle
IsDebuggerPresent
GetFileType
SetCurrentDirectoryA
GetConsoleOutputCP
GetStartupInfoW
UnlockFileEx
GetCurrentProcessId
WideCharToMultiByte
GetCurrentThread
GetConsoleMode
CompareStringW
GetTimeZoneInformation
InterlockedExchange
WriteFile
CreateMutexA
GetCommandLineW
DeleteCriticalSection
TlsSetValue
LCMapStringW
FreeEnvironmentStringsW
IsValidLocale
VirtualFree
GetCurrentProcess
GetModuleFileNameW
GetLongPathNameA
EnumSystemLocalesA
InterlockedIncrement
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
SetHandleCount
EnterCriticalSection
RtlUnwind
GetLastError
LeaveCriticalSection
LoadModule
HeapSize
TerminateProcess
HeapCreate
InitializeCriticalSection
SetUnhandledExceptionFilter
SetLastError
GetOEMCP
SetConsoleCtrlHandler
Sleep
GetStringTypeA
SetFilePointer

wininet

GopherGetLocatorTypeW
InternetAutodialHangup

comctl32

InitCommonControlsEx

user32

RegisterClassA
ToAsciiEx
RegisterClassExA

Sections

.text
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

75d75dd7e85e273e3c467e7520b86875

Headers

File Characteristics

Imports

gdi32

kernel32

wininet

comctl32

user32

Sections

.text Size: 191KB - Virtual size: 191KB

.rdata Size: 9KB - Virtual size: 40KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 191KB - Virtual size: 191KB

.rdata
Size: 9KB - Virtual size: 40KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 5KB - Virtual size: 5KB