Static task: static1
Behavioral task: behavioral1
Sample: 52354b8b96e0363803da03410b4ad8ec.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 52354b8b96e0363803da03410b4ad8ec.exe
Resource: win10v2004-20231222-en
General
Target: 52354b8b96e0363803da03410b4ad8ec
Size: 52KB
MD5: 52354b8b96e0363803da03410b4ad8ec
SHA1: cbd1d6f597b987768ee13f4dddc043cdeb463e15
SHA256: cf15015f7ce66a974af8f4a423898734f64ed58d8b35ff843f946aa80705bbe4
SHA512: db84103d979887adad868a313708501b4fca72c90588c6bed4925632fe55c391ca5dce9be7d150625d6076e9cec652f7838807b1b174697497b34593745404e2
SSDEEP: 768:r2a21efKYpvlWN+EmWXqUVJ6nXc219NZAjcVWvzU1/kVEgCHFqB6ZKAqJEAZh2sP:gkyUWIEt8XPHVWvzuHF4MZDD82sf3
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 52354b8b96e0363803da03410b4ad8ec
Files
52354b8b96e0363803da03410b4ad8ec.exe windows:5 windows x86 arch:x86
39cd4956c56495724be1ea6b5220e5c8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
CryptReleaseContext
kernel32
GetCommandLineA
shlwapi
PathCombineW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
StrCmpNIA
StrCmpNIW
wnsprintfW
wvnsprintfA
user32
FindWindowExA
GetCursorPos
GetDlgItem
GetIconInfo
GetWindowThreadProcessId
LoadCursorA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetProcessWindowStation
SetThreadDesktop
Sections
.vshkp Size: 42KB - Virtual size: 61KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.mvijoz Size: 2KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vad Size: 6KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ