52e747a9cab9964f12af47af80216fcc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52e747a9cab9964f12af47af80216fcc
Size

22KB
MD5

52e747a9cab9964f12af47af80216fcc
SHA1

942e28bc81d8dc8a4f0e37446016da09b8772665
SHA256

3f4904d88aedf135f755df6b94476cfff061b145e5335940a0d217f0d5a41554
SHA512

b1487d230b51fa09caa67f9dc740d1de830a1376ec250183b965b27aff9596690b1fe1878d309c52f509ed2522bf248020c29a20cfd408d390f723abc06d0b42
SSDEEP

384:+Z2aNsFo2/26rjlJ4/LF+AiCnXNEQf2PcoiE6gmJn7RYaC1gvnuINwX0+McYdEu:+UaNGlbrj4DIanXNfXoiE61JlYaAEuIR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52e747a9cab9964f12af47af80216fcc

Files

52e747a9cab9964f12af47af80216fcc
.exe windows:4 windows x86 arch:x86

3c4155272038ebb0ea2bcb338fc02bbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Beep
ExitProcess
GetUserDefaultLCID
LoadLibraryA
OpenWaitableTimerW
ReadConsoleA
SetVolumeLabelW
WaitForSingleObject
WriteConsoleInputW

advapi32

BuildSecurityDescriptorW
CreateProcessAsUserW
CryptDeriveKey
CryptGetHashParam
GetSecurityDescriptorGroup
GetSidLengthRequired
GetTrusteeTypeA
LogonUserA
RegLoadKeyA
RegOpenKeyA
RegQueryMultipleValuesA
RegRestoreKeyA

user32

DdeConnectList
DialogBoxIndirectParamA
FindWindowExA
ImpersonateDdeClientWindow
MessageBoxExW
SendDlgItemMessageA
SetWindowLongA

Sections

.text
Size: 512B - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE