52cbdf0ec50887c5ed8716c5c542cd38 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52cbdf0ec50887c5ed8716c5c542cd38
Size

1.2MB
MD5

52cbdf0ec50887c5ed8716c5c542cd38
SHA1

b27842e3c8b56592488547724a55677472dc5cf2
SHA256

e9a690db6fe54fa12dc63dd17b086990470711a7c80a0b2d89af97062e39e85d
SHA512

09251a157482675669a395bc49aa6cd7b06cbd1da3cae7d2e881ac4da26da68000bcd811d7ac4942220ecd77cdba8671cc322b64df58e67d084b32dc811b94b3
SSDEEP

24576:+BYhHsfYD/nbqkJ3hX/m4IOTnhBIpJNpoOB3o+JU9Ig:7hMcTTxX/mRONKpJNpoOBo+G9J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52cbdf0ec50887c5ed8716c5c542cd38

Files

52cbdf0ec50887c5ed8716c5c542cd38
.exe windows:4 windows x86 arch:x86

1ba2b7ecd08a8a8f7f28cedb26e01f88

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumThreadWindows

kernel32

Sleep
LoadResource
GetSystemTimeAsFileTime
ExitProcess
VirtualQuery
GetCommandLineA
VirtualProtect
SetHandleCount
CreateFileW
SetLastError
GetCPInfo
TerminateProcess
SleepEx
WaitForSingleObject
GetLocaleInfoW
GetTempPathW
GetCurrentThreadId
SetUnhandledExceptionFilter
WaitForMultipleObjects
GetCurrentProcessId
VirtualAlloc
TlsGetValue
HeapFree
GetStringTypeW

msvcrt

_wcsnicmp
_cexit
_vsnprintf

ole32

CreateStreamOnHGlobal

advapi32

RegSetValueExW

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ