c52c0454d45b824b10adc4f883760ee8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c52c0454d45b824b10adc4f883760ee8
Size

56KB
MD5

c52c0454d45b824b10adc4f883760ee8
SHA1

c8161d21098d0aec03f1d4a8821265a27dce0d3e
SHA256

1a20078eecf53997f33a84b10a3845feece6772e81767c1e1ccd3428f614ee86
SHA512

2398f66702af8a48dde8f3647e7baab793d4a7aee0c83c979f421b31e369af2f05a4a47d88d75c152b78f343dfb0b73e8b976235b4b4abdbb978996d13e2da53
SSDEEP

1536:qI1h5aFGubnRaxGU4j8Q5feFjKjqjkqW1+:72FGZ88KtOkqW1+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c52c0454d45b824b10adc4f883760ee8

Files

c52c0454d45b824b10adc4f883760ee8
.exe windows:4 windows x86 arch:x86

ee9ce32cc2597cc5be3e254dc3874293

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteTimerQueueTimer
BackupWrite
SetCommConfig
GetCurrentDirectoryW
GetCPInfoExA
ShowConsoleCursor
CreateToolhelp32Snapshot
CloseConsoleHandle
GetExitCodeProcess
SwitchToFiber
LocalReAlloc
Module32FirstW
SuspendThread
GenerateConsoleCtrlEvent
GetLogicalDrives
FindFirstChangeNotificationA
CreateTapePartition
GetCommandLineA
ExitProcess
GetStartupInfoA

user32

PtInRect
GetMenuState
GetClipboardFormatNameW
MessageBoxExW
GetMenuItemCount
CharNextExA
EnumDisplaySettingsExW
RealGetWindowClassW
ShowWindow
GetSystemMetrics
SystemParametersInfoA
GetProcessDefaultLayout
SetProgmanWindow
EnumDisplayDevicesW
GetClientRect
GetInternalWindowPos

Sections

CODE
Size: 5KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE