cd52e6037ca5afeec801b718d5aa0f76

Sharing

Copy URL Twitter E-mail

General

Target

cd52e6037ca5afeec801b718d5aa0f76
Size

504KB
MD5

cd52e6037ca5afeec801b718d5aa0f76
SHA1

c0ce4525540a7deefe34f0674dacdc1ae6a89491
SHA256

b33bb03c775a388b8220ba76d5047e6a2b69a789a04efeac155f07a23e9d30d3
SHA512

030f51bbea6284d2e6521858a783e1302fdfe0614779c00a52784ed5190305de32bd9902dc3549433a457328231514ab3e34ee5d9f7a0d25a7464d0495d16832
SSDEEP

12288:RjZr+Yjzxrij490qxQCxfdBc+u50uSF2hJwmYL:Rjc6ojeZrxfdur50B4D6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd52e6037ca5afeec801b718d5aa0f76

Files

cd52e6037ca5afeec801b718d5aa0f76
.exe windows:4 windows x86 arch:x86

7bc7af83419b2353beb89e618bfb1d5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

user32

SetPropW
ChangeDisplaySettingsA
UpdateWindow
RegisterClassA
CharLowerBuffW
GetMessageTime
MonitorFromRect
RegisterClassExA

comdlg32

ReplaceTextW
GetFileTitleA
PrintDlgA

advapi32

RegQueryInfoKeyA
CryptEnumProviderTypesW
CryptImportKey
RegOpenKeyW
RegReplaceKeyA
LookupPrivilegeNameW
RegCreateKeyW
RegDeleteKeyW
RegCreateKeyA

kernel32

CompareStringA
SetHandleCount
LeaveCriticalSection
SetEnvironmentVariableA
FreeEnvironmentStringsW
FlushFileBuffers
HeapReAlloc
GetCurrentProcessId
EnterCriticalSection
TerminateProcess
InterlockedDecrement
TlsAlloc
HeapFree
GetSystemTimeAsFileTime
LoadLibraryA
GetStdHandle
GetTimeFormatA
GetFileType
IsValidCodePage
WriteFile
InterlockedExchange
GetCPInfo
WriteConsoleW
ReadFile
InitializeCriticalSectionAndSpinCount
GetOEMCP
VirtualQuery
SetConsoleCtrlHandler
SetLastError
GetShortPathNameW
GetCommandLineA
GetDateFormatA
GetConsoleCP
TlsFree
GetCurrentThread
UnhandledExceptionFilter
GetModuleHandleA
SetFilePointer
FreeEnvironmentStringsA
GetStringTypeW
WideCharToMultiByte
GetEnvironmentStrings
GetCurrentProcess
ExitProcess
GetConsoleOutputCP
WriteConsoleA
GetProcAddress
LCMapStringW
GetModuleHandleW
GetLastError
HeapDestroy
InterlockedIncrement
EnumSystemLocalesA
GetLocaleInfoA
GetConsoleMode
LCMapStringA
CompareStringW
TlsSetValue
HeapCreate
FreeLibrary
GetModuleFileNameA
DeleteCriticalSection
CreateFileA
GetStartupInfoA
IsDebuggerPresent
HeapAlloc
GetTimeZoneInformation
MultiByteToWideChar
OpenMutexA
GetLocaleInfoW
GetCurrentThreadId
GetEnvironmentStringsW
ReadFileEx
TlsGetValue
GetACP
CloseHandle
HeapSize
GlobalSize
GetStringTypeA
SetStdHandle
VirtualAlloc
SetUnhandledExceptionFilter
Sleep
IsValidLocale
QueryPerformanceCounter
CreateMutexA
GetTickCount
GetEnvironmentVariableA
RtlUnwind
GetComputerNameA
GetUserDefaultLCID
DeleteFileA
VirtualFree

shell32

SHGetMalloc
ShellHookProc
SHFreeNameMappings
SHFileOperationA

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7bc7af83419b2353beb89e618bfb1d5a

Headers

File Characteristics

Imports

comctl32

user32

comdlg32

advapi32

kernel32

shell32

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 10KB - Virtual size: 23KB

.data Size: 316KB - Virtual size: 315KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 10KB - Virtual size: 23KB

.data
Size: 316KB - Virtual size: 315KB

.rsrc
Size: 14KB - Virtual size: 14KB