52e33c676dd93713c889fc781c331813

General

Target

52e33c676dd93713c889fc781c331813
Size

162KB
MD5

52e33c676dd93713c889fc781c331813
SHA1

aa00e0d082afdcb49ed8d6a6f926833ea9d60b48
SHA256

7252a2b4fa45b26b758b2be6b9ea9bb3ba2a233f0a8b97b11108c007b857e3e6
SHA512

0da6ce19f0ba366aa716e28c823d3b5337c68bc07436187143bd54f6140e86415caae8c6e1ac7aae254f95ee283144d6e4b05181b1aa68744e05d53d60f14002
SSDEEP

1536:pNbzpHxvwoGlRv1X7TEd3QKTSB+G49ggRgi/lpzLBnysSWE+m4EwUkTqumI0WU7X:pNdxooG1i3KBebrvbC+wwU9TI0P7Pwy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52e33c676dd93713c889fc781c331813

Files

52e33c676dd93713c889fc781c331813
.exe windows:1 windows x86 arch:x86

7f85eedf82c7dbf8e7b4e2f1cc3a3c5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemTimeAsFileTime
WaitForMultipleObjects
GetModuleHandleA
FreeEnvironmentStringsW
LockResource
GlobalAlloc
TlsGetValue
GetStartupInfoA
GetCommandLineW
SetEnvironmentVariableA
CreateProcessA
QueryPerformanceCounter
WideCharToMultiByte
RtlUnwind
GetEnvironmentStringsW
GetStringTypeW
InterlockedDecrement
PulseEvent
GetSystemInfo
InterlockedIncrement
GetEnvironmentVariableA
HeapFree
WriteConsoleA
InitializeCriticalSection
LoadResource
IsBadReadPtr
DeleteCriticalSection
GetConsoleOutputCP
GetFileTime
GetFileType
LoadLibraryA
lstrcmpA
Module32Next
GetProcessAffinityMask
TlsSetValue
GetModuleHandleW
ResetEvent
GetLastError
MulDiv

user32

EnableMenuItem
GetCursorPos
SetWindowPlacement
CreateDialogParamA
GetCapture
UnionRect
SetWindowLongA
EndPaint
SetClassLongA
GetDlgCtrlID
EndDeferWindowPos
DefFrameProcA
TrackPopupMenuEx
GetWindowDC
CloseClipboard
GetScrollInfo
ReleaseDC
RemoveMenu
RedrawWindow
GetSystemMetrics
PostMessageA
SetWindowTextA
SetScrollInfo
CheckDlgButton
GetMenuItemCount
GetWindowLongA
LoadIconA
IsWindowVisible
SetMenuItemInfoA
EnableWindow
SetCursor

msvcrt

_initterm
__p__commode
_exit
__p__fmode
_XcptFilter
_acmdln
memcpy
_controlfp
_except_handler3
__set_app_type
__setusermatherr
_adjust_fdiv
__getmainargs
exit

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f85eedf82c7dbf8e7b4e2f1cc3a3c5a

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 96KB - Virtual size: 96KB

.data Size: 40KB - Virtual size: 40KB

.rsrc Size: 512B - Virtual size: 164B

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 96KB - Virtual size: 96KB

.data
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 512B - Virtual size: 164B