52617bef267a02d5b40a4f0a06c5d4aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52617bef267a02d5b40a4f0a06c5d4aa
Size

55KB
MD5

52617bef267a02d5b40a4f0a06c5d4aa
SHA1

18327a42606b20743eaf5e1c469ea4056f90b4af
SHA256

6401b002b7f76c69dcebcae24b82e49896f3456295c1fa84ebf71b41ff974e6e
SHA512

087f7198690e2513f7acfb358481dde745d4470f7613bbd2193688130ff8f21d635f1eb0de36a90d0364c415adae08b29a49d4723820f23d7bd0ba3ae9061799
SSDEEP

1536:0Tr7ZnMJiQ9w0vDPfxnRF2Jk/M3FoQTq6CPj:0/7ZnMIQDcJLtHg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52617bef267a02d5b40a4f0a06c5d4aa

Files

52617bef267a02d5b40a4f0a06c5d4aa
.exe windows:4 windows x86 arch:x86

9d2f6193dcab88ce5df16e2df51bd312

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExW
EnumResourceLanguagesW
EnumSystemCodePagesW
ExitProcess
FlushViewOfFile
IsValidLocale
PurgeComm
SetCurrentDirectoryA
SetWaitableTimer
WaitNamedPipeA

advapi32

BuildImpersonateTrusteeW
CreateServiceA
EqualSid
GetLengthSid
GetOldestEventLogRecord
GetSidSubAuthorityCount
LogonUserW
MapGenericMask
OpenProcessToken
RegCreateKeyExA
RegQueryInfoKeyA
RegQueryInfoKeyW
ReportEventW
SetEntriesInAccessListW
StartServiceCtrlDispatcherW

user32

CloseClipboard
GetAncestor
GetClassLongA
GetClassNameA
GetKeyboardLayoutNameW
IsCharAlphaW
IsMenu
KillTimer
LookupIconIdFromDirectoryEx
MapVirtualKeyW
SetWindowPos

shell32

FindExecutableA
PrintersGetCommand_RunDLL
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetFileInfoW
SHGetPathFromIDList
SHHelpShortcuts_RunDLLW
SHInvokePrinterCommandW
SheChangeDirW
SheGetCurDrive

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE