c52e6dc3d500c24b6fd605c00e757d1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c52e6dc3d500c24b6fd605c00e757d1a
Size

110KB
MD5

c52e6dc3d500c24b6fd605c00e757d1a
SHA1

72732522cac21c900df7a51073b6691be3d490e6
SHA256

f5b30d6b7f9f4126284b38ecf1c484822fa5f44cd351915da12307771c834d89
SHA512

b8cab15120ede45fc64cc3b3e3469ee1014adf4a17959e5f51bf3286801b85b917e1cae7ab668671c7d513ad049821f957663c1a8259ae6b7c0da5d2fb7e88d4
SSDEEP

3072:cCwciDVvfAD66/YSUyAAO+nJJoWjNCaO6BmZDLuEAy:4DVvYD66xUdeoWVoAhy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c52e6dc3d500c24b6fd605c00e757d1a

Files

c52e6dc3d500c24b6fd605c00e757d1a
.exe windows:4 windows x86 arch:x86

d127a86944be18942cc7f29beb2aa7f1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObjectEx
WaitForSingleObject
LocalAlloc
GetTickCount
GetProcAddress
LoadLibraryA
HeapFree
HeapAlloc
GetProcessHeap
VirtualProtect

user32

WaitForInputIdle
GetForegroundWindow
GetParent
GetLastActivePopup
IsIconic
IsWindowUnicode
SetForegroundWindow
GetClassWord
GetWindowLongA
ShowWindowAsync
RegisterClassExA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE