52f136a310d80f770314b325f0a9aae7

Sharing

Copy URL Twitter E-mail

General

Target

52f136a310d80f770314b325f0a9aae7
Size

328KB
MD5

52f136a310d80f770314b325f0a9aae7
SHA1

958243e58c2cbe030dc1f38aedb78b7ade15d964
SHA256

b6d36ec91307cff07875ced6616662c09ddbdba458db18004ebc8b6df7ad5764
SHA512

d6666c2d418b8936787fef11095d84fb6901148d75203b0a0059cbc1929489527c6119b969c418219088b3a12c16da6a18e62c0074dd73d136721a224c243221
SSDEEP

6144:/zQEc7qK9dL/T3qj2YHhFCQMYkZkVIpkbDcnM7UMM62C1X3:/zm+Kq6YHhFj0Zk6ycM7ZiQn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52f136a310d80f770314b325f0a9aae7

Files

52f136a310d80f770314b325f0a9aae7
.exe windows:4 windows x86 arch:x86

09fedccb6f78f95931e7ee3833a802ee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetCPInfo
CompareStringA
TlsSetValue
GetCurrentThreadId
GetModuleHandleA
InterlockedExchange
OpenMutexA
InterlockedDecrement
GetCommandLineA
WideCharToMultiByte
FlushFileBuffers
SetLastError
GetTickCount
SetVolumeLabelA
VirtualAlloc
GetEnvironmentStrings
MultiByteToWideChar
AddAtomW
GetTimeZoneInformation
HeapAlloc
TlsAlloc
GetACP
CreateFileA
FreeEnvironmentStringsA
GetSystemTime
GetStdHandle
VirtualQuery
CreateMutexW
GetModuleFileNameA
RtlUnwind
HeapFree
HeapCreate
CreateMutexA
CompareStringW
CloseHandle
GetProcAddress
HeapReAlloc
TlsFree
InterlockedIncrement
GetSystemTimeAsFileTime
GetFileType
GetOEMCP
GetStringTypeW
ExitProcess
GetCurrentProcess
FreeEnvironmentStringsW
SetEnvironmentVariableA
HeapDestroy
SetHandleCount
TransmitCommChar
LCMapStringA
LCMapStringW
GetCurrentThread
VirtualLock
QueryPerformanceCounter
IsBadWritePtr
SetPriorityClass
UnhandledExceptionFilter
GetCurrentProcessId
DeleteCriticalSection
GetLocalTime
EnterCriticalSection
VirtualFree
GetVersion
TerminateProcess
ReadFile
GetStringTypeA
GetStartupInfoA
SetFilePointer
GetLastError
TlsGetValue
WriteFile
SetStdHandle
WritePrivateProfileSectionW
InitializeCriticalSection
GetEnvironmentStringsW
LeaveCriticalSection

comctl32

ImageList_Destroy
ImageList_Replace
ImageList_AddIcon
CreateStatusWindowW
ImageList_LoadImageA
ImageList_SetFilter
ImageList_EndDrag
ImageList_Add
ImageList_Create
ImageList_BeginDrag
DrawStatusTextA
CreateUpDownControl
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_SetDragCursorImage
DrawInsert
ImageList_GetBkColor
InitMUILanguage
ImageList_Copy
ImageList_GetIconSize
ImageList_DragEnter
CreatePropertySheetPageW
ImageList_Merge
MakeDragList
InitCommonControlsEx

user32

MessageBoxExW
InternalGetWindowText
PostMessageW
GetMenuItemInfoA
LoadBitmapW
CharNextW
FindWindowA
InflateRect
LoadMenuW
DispatchMessageW
RegisterClassExA
SetThreadDesktop
ChangeDisplaySettingsExW
DestroyWindow
ShowWindow
SetWindowsHookW
SetScrollPos
DdeDisconnectList
RegisterClassA
SetScrollInfo
RedrawWindow
SetForegroundWindow
PostThreadMessageW
SetTimer
ShowCaret
GetPropW
CreateWindowExW
DdeCreateStringHandleW
ToAsciiEx
GetKeyboardState
LoadCursorW
GetMessageTime
DefWindowProcW
SetFocus
BroadcastSystemMessage
MessageBoxW

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

09fedccb6f78f95931e7ee3833a802ee

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 108KB - Virtual size: 106KB

.rdata Size: 68KB - Virtual size: 66KB

.data Size: 88KB - Virtual size: 99KB

.rsrc Size: 60KB - Virtual size: 57KB

.text
Size: 108KB - Virtual size: 106KB

.rdata
Size: 68KB - Virtual size: 66KB

.data
Size: 88KB - Virtual size: 99KB

.rsrc
Size: 60KB - Virtual size: 57KB