52c7680359315395270fc4b72f3e21b3 | Triage

Sharing

General

Target

52c7680359315395270fc4b72f3e21b3
Size

892KB
MD5

52c7680359315395270fc4b72f3e21b3
SHA1

7cb82e7b3df6b76a1b463733c39273db542345f2
SHA256

5f377ad9deeab91c1731dbb7bef91ba85e22daf02811a24673eeeb12ce371023
SHA512

2abae117f519a0d7af7a51fae0eab914ed52cb94dd2f1f69e0b77df02462094e531a31213644181d795400fd6317bd0722b5de64712cfe0ac3a29a3733a27b95
SSDEEP

12288:itLXhq9JTtfn2bwHKmNTIlcAr+BapbiiQ4ZYyXhmnrreAdjrfJ97b1YGgNYn:i/q9lt/2bgRBapVQImnrFJ97B+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52c7680359315395270fc4b72f3e21b3

Files

52c7680359315395270fc4b72f3e21b3
.exe windows:4 windows x86 arch:x86

60ad0f71e0a9bc2f54d0358c9ebbba00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
LockResource
LoadResource
CloseHandle
FindResourceA
GetModuleHandleA
GetStringTypeA
LCMapStringW
GetModuleFileNameA
GetShortPathNameA
lstrcpyA
lstrcatA
GetEnvironmentVariableA
GetSystemDirectoryA
SizeofResource
WinExec
LCMapStringA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
GetStringTypeW

user32

wsprintfA

shell32

ShellExecuteA

ole32

CoUninitialize
CoInitialize

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 856KB - Virtual size: 852KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ