52921aff0925823b213f34ae7e0be928

General

Target

52921aff0925823b213f34ae7e0be928
Size

30KB
MD5

52921aff0925823b213f34ae7e0be928
SHA1

6b14458b4cb3eba80f7c9673290b3683ad88824f
SHA256

70be2823119f7cd7bafcdf9c096a34ce9e727679ee91b20942fd5a9b724052f8
SHA512

05b5656080ccf74f7fc9ec9384542a5e63c8d7abcf87bf7dd2ec58860f7d6d81aa5a4ce5d2c7675fd123ef53f3a3a520ca339766ae1f8641a4759e9deeb3af64
SSDEEP

768:P0xKJsn0Eyz5IY5EirxA+EXk0s/IIM0W0Lnfp:cX65V5/rC+mvezfp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52921aff0925823b213f34ae7e0be928

Files

52921aff0925823b213f34ae7e0be928
.dll windows:4 windows x86 arch:x86

bff332347b3f41bb283671a394394125

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord1168
ord823
ord665
ord1979
ord6385
ord5186
ord354
ord800
ord922
ord537
ord825

msvcrt

puts
exit
strncpy
__dllonexit
_onexit
free
_initterm
sprintf
__CxxFrameHandler
_ftol
strncat
_stricmp
malloc
_adjust_fdiv

kernel32

FileTimeToSystemTime
RaiseException
LocalAlloc
InterlockedExchange
lstrcmpiA
GetCurrentProcessId
GetLocalTime
GetStartupInfoA
GetSystemDirectoryA
OpenProcess
TerminateProcess
GetCurrentProcess
CreateToolhelp32Snapshot
Process32First
Module32First
GetPriorityClass
Process32Next
GetFileSize
ReadFile
CreateFileA
WriteFile
CreateThread
LoadLibraryA
GetProcAddress
FreeLibrary
Sleep
MoveFileA
CopyFileA
CloseHandle
CreateProcessA
DeleteFileA
FindClose
FindNextFileA
GetLastError
FileTimeToLocalFileTime
FindFirstFileA

msvcp60

??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??1_Winit@std@@QAE@XZ

Exports

Exports

SetParamter
StartFileManageThread
StartKeyLogThread
StartProcessThread
StartShellThread
StartVideoThread

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bff332347b3f41bb283671a394394125

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

msvcp60

Exports

Exports

Sections

.text Size: 18KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 18KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB