52369b67e4df77faf59a73894fddd117

General

Target

52369b67e4df77faf59a73894fddd117
Size

33KB
MD5

52369b67e4df77faf59a73894fddd117
SHA1

d6cf574c111b422d9c2156b01b2f88f85cded04d
SHA256

7b694a273292601518d88e7a02e25a01f1449e4a676c70b3b516d69fd02f098c
SHA512

eed0250f9dda13fb263cdf2a17d83ca16c176308017dd886404b341a2584e75a6752b527014061c546a77cd18860298327557ac353801e0226005254556c2770
SSDEEP

384:/2X8+zyRY1JcrfbNDEbMHMzU7Muhlk5G1+Gz3a8HzablodWj6ZvueUzSoihNxHG7:+3lJyftNMIvhlFR2gWuMe08zc/N5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52369b67e4df77faf59a73894fddd117

Files

52369b67e4df77faf59a73894fddd117
.exe windows:4 windows x86 arch:x86

170f244fb6f893c0e36b815b8a2fd9c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GenerateConsoleCtrlEvent
GlobalUnfix
HeapWalk
InterlockedCompareExchange
IsBadStringPtrA
OpenProcess
ReleaseSemaphore
ScrollConsoleScreenBufferA
SetEnvironmentVariableW
SetProcessShutdownParameters
SetSystemTime

advapi32

BuildExplicitAccessWithNameA
CryptGetProvParam
CryptSetHashParam
DeregisterEventSource
FindFirstFreeAce
GetKernelObjectSecurity
GetMultipleTrusteeOperationA
GetOldestEventLogRecord
GetSidSubAuthorityCount
IsTextUnicode
MakeSelfRelativeSD
RegConnectRegistryW
SetEntriesInAclA
SetSecurityDescriptorSacl

user32

CreateAcceleratorTableW
CreateCursor
FindWindowExA
GetAsyncKeyState
GetPriorityClipboardFormat
OemToCharBuffW
SetWindowPos

shell32

Control_FillCache_RunDLLW
DragQueryFile
DragQueryFileA
DragQueryFileW
ExtractIconResInfoA
PrintersGetCommand_RunDLL
RealShellExecuteExW
SHQueryRecycleBinW
SheChangeDirExW
SheConvertPathW
SheRemoveQuotesW
ShellAboutW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 30KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

170f244fb6f893c0e36b815b8a2fd9c6

Headers

File Characteristics

Imports

kernel32

advapi32

user32

shell32

Sections

.text Size: 512B - Virtual size: 4KB

.rdata Size: 1KB - Virtual size: 4KB

.data Size: 30KB - Virtual size: 212KB

.text
Size: 512B - Virtual size: 4KB

.rdata
Size: 1KB - Virtual size: 4KB

.data
Size: 30KB - Virtual size: 212KB