52e35466236500a2a11bf7ab0de3bedc

General

Target

52e35466236500a2a11bf7ab0de3bedc
Size

3.4MB
MD5

52e35466236500a2a11bf7ab0de3bedc
SHA1

1a180d384d13527846cfb40bfa299a708c9d165d
SHA256

18f1878711ede4ba13c3931d4b6ff94fa94065c79adc579f438a5619fc8f9e7a
SHA512

8e8e076ef1ef68c7a8f725df71f8afbcdb8ef3a17be95c1afa4437ed7de8e7ebe07c34eb9317e8453077075aa8a458bb3bb9ec41936e564156870d78199d62c7
SSDEEP

98304:InVLDT9Axi4aTCubCbuzu95f515Cpo4qevgqWu:IV3TOxJatbhzg51ApNvg7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52e35466236500a2a11bf7ab0de3bedc

Files

52e35466236500a2a11bf7ab0de3bedc
.exe windows:4 windows x86 arch:x86

c249fa3937b7809f31278b3b1723c98c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
SetUnhandledExceptionFilter
GetProcAddress
Sleep
GetTickCount
LocalFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
GetStartupInfoW
IsDebuggerPresent
ReadFile
RaiseException
SetEvent
GetACP
FormatMessageW
GetFileType
TlsGetValue
InitializeCriticalSection
HeapReAlloc
GetConsoleMode
FlushFileBuffers
TlsSetValue
TlsAlloc
HeapSize
TlsFree
SetFilePointer
GetModuleFileNameA
GetOEMCP
FindNextFileW
IsValidCodePage
FindFirstFileW
DeleteFileW
GetConsoleCP
GetCommandLineA
DecodePointer
GetVersionExW
EncodePointer
LoadLibraryA

user32

LoadStringW
ShowWindow
ReleaseDC
PostQuitMessage
GetWindowLongW
GetDlgItem
GetWindowRect
PostMessageW
GetClientRect
EnableWindow
LoadCursorW
GetParent
SetTimer
LoadIconW
SetForegroundWindow
EndPaint
ScreenToClient
KillTimer
InvalidateRect
GetWindow
GetKeyState

Sections

.data
Size: - Virtual size: 612KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c249fa3937b7809f31278b3b1723c98c

Headers

File Characteristics

Imports

kernel32

user32

Sections

.data Size: - Virtual size: 612KB

.idata Size: 2KB - Virtual size: 1KB

.text Size: 6KB - Virtual size: 6KB

.rdata Size: 3.4MB - Virtual size: 3.4MB

.data
Size: - Virtual size: 612KB

.idata
Size: 2KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.rdata
Size: 3.4MB - Virtual size: 3.4MB