52689e8a61b1bc9578e52a7af64a4cc5

Sharing

Copy URL Twitter E-mail

General

Target

52689e8a61b1bc9578e52a7af64a4cc5
Size

153KB
MD5

52689e8a61b1bc9578e52a7af64a4cc5
SHA1

6d32d6cb7b31d30358ed634aa8f62050e25ec519
SHA256

78699951c12052073cc2a6c81e5602a64347ab03287c3f2dda58dddd9ded24b3
SHA512

3e64646d755bb87140dc5e2c6abe6a36f8527bf3e23944a2bc7d4d5cd11ae5d016975a74f3c2fff75c19692911ad08825c8d566f2f3d16a464904721c77e574f
SSDEEP

3072:RZQXq+WOzjaI+75QzMZNYDL3LJeYhn7HDQvfBEimSz2JcKZJD3Zyk6/wjm26uk:RaXtNnOqnfhvjdSSJ1yk812lk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52689e8a61b1bc9578e52a7af64a4cc5

Files

52689e8a61b1bc9578e52a7af64a4cc5
.exe windows:4 windows x86 arch:x86

caea8aa1cb22f94605a0998015354ad8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetLongPathNameW
CloseHandle
InterlockedDecrement
HeapCreate
GetCPInfo
SetFileAttributesW
GetCommandLineA
HeapReAlloc
GetFileAttributesW
lstrcpynW
GetTempPathW
CreateFileA
LCMapStringA
LoadLibraryW
SetHandleCount
MulDiv
GetUserDefaultLCID
GetDateFormatA
LocalAlloc
lstrlenW
GetStdHandle
GetProcessHeap
GlobalAlloc
DeleteCriticalSection
lstrcmpiW
CreateEventW
GetCurrentProcessId
GetConsoleMode
GetCommandLineW
TerminateThread
WriteFile
FindResourceW
WideCharToMultiByte
RaiseException
ResumeThread
ReadFile
GetSystemInfo
FindFirstFileW
GlobalLock
FreeEnvironmentStringsW
GetCurrentThreadId
GetTimeFormatA
FreeLibrary
SizeofResource
GetTimeZoneInformation
TlsAlloc
LoadLibraryA
FileTimeToLocalFileTime
lstrcatW
ExpandEnvironmentStringsW
LocalLock
LoadResource
LocalFree
CreateProcessW
FindClose
CreateDirectoryW
GetProcAddress
InitializeCriticalSection
CreateMutexW
GetDateFormatW
GetACP
QueryPerformanceCounter
SetFilePointer
InterlockedIncrement
GetModuleFileNameA
SetLastError
WriteConsoleW
lstrcmpW
Sleep
GetStartupInfoA
GetLocaleInfoA
LocalUnlock
GetDriveTypeA
HeapSize
IsValidCodePage
GlobalSize
IsValidLocale
CreateThread
GetEnvironmentStringsW
GetLocalTime
GetModuleFileNameW
GetLocaleInfoW
HeapFree
lstrcpyW
PeekNamedPipe
SetEnvironmentVariableA
OpenEventW
VirtualFree
WaitForMultipleObjects
VirtualQuery
RtlUnwind
IsBadWritePtr
GetOEMCP
GetStringTypeW
HeapDestroy
UnhandledExceptionFilter
FreeEnvironmentStringsA
TlsFree
FlushFileBuffers
FindNextFileW
GetModuleHandleW
WaitForSingleObject
VirtualAlloc
EnterCriticalSection
GetTickCount
GetConsoleOutputCP
SetCurrentDirectoryW
DeleteFileW
MoveFileW
FormatMessageW
MultiByteToWideChar
CreatePipe
TlsSetValue
LockResource
GlobalUnlock
GetDriveTypeW
GetModuleHandleA
CompareStringW
InterlockedExchange
GetFileType
ExitProcess
GetCurrentProcess
SetEvent
GetLastError
VirtualProtect
GetCurrentDirectoryA
LCMapStringW
GetFullPathNameW
FileTimeToSystemTime
GetCurrentDirectoryW
GetVersionExA
EnumSystemLocalesA
GetStringTypeA
GetEnvironmentStrings
GetTimeFormatW
TerminateProcess
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
TlsGetValue
CompareStringA
InterlockedCompareExchange

user32

DrawIcon
CreateCursor
PostMessageW
IsWindowVisible
DestroyCursor
CloseClipboard
SetMenuItemInfoW
GetWindowLongW
PeekMessageW
IsZoomed
SetForegroundWindow
DrawFrameControl
GetScrollPos
SetClipboardData
CheckMenuRadioItem
IsDialogMessageW
SendDlgItemMessageW
ScreenToClient
WindowFromPoint
SetWindowLongW
CreateAcceleratorTableW
ShowWindow
CreatePopupMenu
RegisterWindowMessageW
GetScrollRange
SetWindowPlacement
GetDlgItemTextW
GetWindowTextW
EnableMenuItem
GetWindowRect
GetDlgItem
wsprintfW
DialogBoxParamW
OpenClipboard
GetSystemMetrics
GetSysColor
CreateCaret
DestroyMenu
GetMenuItemCount
InvalidateRect
CreateWindowExW
RealChildWindowFromPoint
ToAscii
DragDetect
GetWindowPlacement
SetDlgItemTextW
DestroyAcceleratorTable
MonitorFromWindow
CallNextHookEx
InsertMenuItemW
CharLowerW
SetCaretPos
SendMessageW
mouse_event
AppendMenuW
FillRect
SetCursor
GetMessageW
SetMenu
EndPaint
GetKeyboardState
PostQuitMessage
RegisterClassExW
RegisterClassW
GetMonitorInfoW
DeferWindowPos
DestroyIcon
TrackPopupMenu
IsWindowUnicode
GetSubMenu
GetClassNameW
MessageBoxW
GetCapture
TranslateAcceleratorW
EndDialog
RemoveMenu
DrawEdge
EmptyClipboard
ScrollWindow
IsIconic
ReleaseDC
SystemParametersInfoW
DrawTextW
PtInRect
GetParent
BeginDeferWindowPos
EnableWindow
TranslateMessage
CallWindowProcA
MapWindowPoints
GetCursorPos
SetParent
GetClientRect
GetClipboardData
SetWindowPos
LoadCursorW
GetActiveWindow
ReleaseCapture
CreateDialogParamW
GetFocus
BeginPaint
ShowScrollBar
LoadBitmapW
DestroyCaret
FrameRect
GetDlgCtrlID
SetDlgItemInt
GetDC
DrawTextExW
DispatchMessageW
InflateRect
RedrawWindow
IsClipboardFormatAvailable
UnhookWindowsHookEx
IsChild
GetDlgItemInt
SetScrollInfo
SetCapture
CallWindowProcW
IsDialogMessageA
DeleteMenu
HideCaret
SetFocus
FindWindowW
GetMenuStringW
MoveWindow
IsWindow
SetWindowTextW
DialogBoxIndirectParamW
ClientToScreen
SetScrollPos

gdi32

GetTextMetricsW
EnumFontFamiliesExW
SetBkColor
SaveDC
RestoreDC
EndPage
SetROP2
DeleteDC
CreateSolidBrush
MoveToEx
SelectObject
SetTextColor
SetWindowOrgEx
GetStockObject
LineTo
CreatePen
GetDeviceCaps
CreateCompatibleBitmap
SetBkMode
OffsetWindowOrgEx
CreatePatternBrush
GetTextExtentPointW
DPtoLP
RemoveFontResourceW
GetPixel
Rectangle
GetObjectW
SetBrushOrgEx
EndDoc
GetROP2
GetTextExtentPoint32W
ExtTextOutW
StartDocW
CreateCompatibleDC
StartPage
CreateHatchBrush
DeleteObject
CreateFontW
AddFontResourceW
SetTextAlign
BitBlt
CreateBitmap
PatBlt

comdlg32

GetOpenFileNameA
ChooseColorW
GetFileTitleA
PageSetupDlgA
FindTextW
PrintDlgW
ChooseColorA
GetFileTitleW
ReplaceTextW
PageSetupDlgW
GetOpenFileNameW
ChooseFontW
GetSaveFileNameW
ReplaceTextA
ChooseFontA
GetSaveFileNameA
PrintDlgA
FindTextA

ole32

StgOpenAsyncDocfileOnIFillLockBytes
WriteClassStm

Sections

.text
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

caea8aa1cb22f94605a0998015354ad8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

ole32

Sections

.text Size: 39KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 117KB - Virtual size: 335KB

.rsrc Size: 4KB - Virtual size: 4KB

.text
Size: 39KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 117KB - Virtual size: 335KB

.rsrc
Size: 4KB - Virtual size: 4KB