Static task: static1
Behavioral task: behavioral1
Sample: d52ab2b86508472717d7a7c0f28eb35f.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: d52ab2b86508472717d7a7c0f28eb35f.exe
Resource: win10v2004-20240226-en
General
Target: d52ab2b86508472717d7a7c0f28eb35f
Size: 14KB
MD5: d52ab2b86508472717d7a7c0f28eb35f
SHA1: 5f346b65ed201fb6bbf5f1770d15ed581546ad9f
SHA256: a5bef37be547018d07c8c25f947497a987e173ef9a6a94e62fc2c08d9dc8a4b9
SHA512: bc72c5b3f301371e215c5fd4db1ecab82797ed493bfe56e169061acbf723c01d759f57857ac4baf9cf219358971c73f3f84b1c7f9559c60addd25c5df0ac822a
SSDEEP: 192:SysXCq8h2/USyxH9iwO9J3AtJ3nAN8SBVDNxWw5mBGrTRXpRX7Z+1omY:LsXCX1PxHKArY9Vj15m0RZRrZ+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d52ab2b86508472717d7a7c0f28eb35f
Files
d52ab2b86508472717d7a7c0f28eb35f.exe windows:4 windows x86 arch:x86
4e26dbca4b65f9da1a7c42d86d3acc62
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
CreateFileA
CreateMutexA
CreatePipe
CreateProcessA
CreateRemoteThread
CreateToolhelp32Snapshot
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetDriveTypeA
GetFileSize
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetSystemDefaultLangID
GetSystemDirectoryA
GetTimeFormatA
GetVersionExA
GlobalAlloc
GlobalFree
LoadLibraryA
Module32First
OpenProcess
PeekNamedPipe
Process32Next
ReadFile
SetCurrentDirectoryA
TerminateProcess
VerLanguageNameA
VirtualAllocEx
VirtualFreeEx
WinExec
WriteFile
WriteProcessMemory
lstrcatA
lstrcmpA
lstrcmpiA
lstrlenA
user32
DefWindowProcA
DispatchMessageA
FindWindowA
GetForegroundWindow
GetKeyNameTextA
GetKeyState
GetKeyboardState
GetMessageA
GetWindowTextA
CreateWindowExA
KillTimer
PostQuitMessage
RegisterClassExA
SetTimer
SetWindowsHookExA
ToAscii
TranslateMessage
UnhookWindowsHookEx
keybd_event
CallNextHookEx
GetWindowThreadProcessId
wsprintfA
shell32
SHFileOperationA
ShellExecuteA
wsock32
WSAAsyncSelect
WSACleanup
WSAStartup
accept
bind
closesocket
connect
gethostbyname
gethostname
htons
inet_addr
inet_ntoa
listen
recv
send
socket
Sections
.text Size: 11KB - Virtual size: 39KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ