252a291744320d6d76b6aaa66b7c85c2

General

Target

252a291744320d6d76b6aaa66b7c85c2
Size

56KB
MD5

252a291744320d6d76b6aaa66b7c85c2
SHA1

31c368ef4b7ee2a541f4ac692ee5c3eb0701da91
SHA256

bc46f06e2383ae983ce510d10b3d3a8c09ec68d1fc23bcc2baa7e43c09f696aa
SHA512

6eb34e1d1e2e9e418fe10b5700f655c37938b0f896273316f6a75099593b96baab408016fcc3ac93a0745bdc4ff90c6921208416a8da55e8d0b6bd6d7c1389f2
SSDEEP

768:8y4tnP8HMV0LPzP5Fm4BWSfZlkiGbFF8E0yyLvwvuX:RgP8HI0ztfRlkiIgyyLYvu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
252a291744320d6d76b6aaa66b7c85c2

Files

252a291744320d6d76b6aaa66b7c85c2
.exe windows:4 windows x86 arch:x86

474608f31e7f89d881ac58829104e808

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
lstrcmpiA
FindFirstFileA
ExitProcess
CopyFileA
GetStringTypeA
LCMapStringW
LCMapStringA
lstrlenA
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
WriteFile
RtlUnwind
GetFileType
GetStdHandle
CreateProcessA
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
MultiByteToWideChar
CreateDirectoryA
SetHandleCount
GetStringTypeW
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
HeapFree
VirtualAlloc
HeapReAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW

user32

GetSysColorBrush
LoadIconA
RegisterClassExA
DefWindowProcA
wsprintfA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
KillTimer
SetTimer
FindWindowA

advapi32

RegDeleteValueA
RegQueryValueExA
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegCloseKey
RegDeleteKeyA

shell32

ShellExecuteA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

474608f31e7f89d881ac58829104e808

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 4KB

.rsrc Size: 28KB - Virtual size: 25KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 28KB - Virtual size: 25KB