52a092590b7e6ace44cb9ad634d354bf

General

Target

52a092590b7e6ace44cb9ad634d354bf
Size

13KB
MD5

52a092590b7e6ace44cb9ad634d354bf
SHA1

820b59b4378b00d95cc35ac562b4a5795aa15933
SHA256

e86d681049e482c6feb4a56fcbf2ea07300717238b33a012d86f64aa12704d7b
SHA512

d12c9b25cf6719958294970e1afc0f868ee01f4dbe6af60444153371002d5fc7c183fa2ff307b28ede010bba6a05dc30eaa6afbb45bbcd3d0f3605c7bf2bb53a
SSDEEP

384:s9X0/I2gUMULp2RP5/8CWtQ7NZhlqn32K:wE/I2gp1h5/M+xZhwnm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52a092590b7e6ace44cb9ad634d354bf

Files

52a092590b7e6ace44cb9ad634d354bf
.dll regsvr32 windows:4 windows x86 arch:x86

cecee0ae2a9887c013c34b417db8c1c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeGetTime

wininet

InternetConnectA
InternetCloseHandle
FtpGetFileA
InternetOpenA
InternetGetConnectedState

mfc42

ord5442
ord1979
ord5186
ord6010
ord6385
ord354
ord665

msvcrt

_stricmp
_adjust_fdiv
_initterm
free
_onexit
time
srand
rand
strcmp
sprintf
strlen
_EH_prolog
__CxxFrameHandler
memset
strcat
strcpy
malloc
__dllonexit

kernel32

GetSystemDirectoryA
GetPrivateProfileStringA
GetCurrentProcess
GetLastError
CreateRemoteThread
GetProcAddress
FreeLibrary
Sleep
GetWindowsDirectoryA
DeleteFileA
GetCommandLineA
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
VirtualAllocEx
WriteProcessMemory
LoadLibraryA
CloseHandle

advapi32

LookupPrivilegeValueA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges

shell32

ShellExecuteA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMyOnTimeAction
DllRegisterServer
DllUnregisterServer
Dll_JustWorking

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 542B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cecee0ae2a9887c013c34b417db8c1c7

Headers

File Characteristics

Imports

winmm

wininet

mfc42

msvcrt

kernel32

advapi32

shell32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 1024B - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 542B

.text
Size: 8KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 1024B - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 542B