c52828dbf62fc52ae750ada43c505c934f1faeb9c58d71c76bdb398a3fbbe1e2

Sharing

Copy URL Twitter E-mail

General

Target

c52828dbf62fc52ae750ada43c505c934f1faeb9c58d71c76bdb398a3fbbe1e2
Size

105KB
MD5

6391ab75ac20f2f59179092446ed5052
SHA1

12ab7d74370f5da0f8ef58d3c306a91c5b28a5ad
SHA256

c52828dbf62fc52ae750ada43c505c934f1faeb9c58d71c76bdb398a3fbbe1e2
SHA512

d09e03f122d30da27502433f821c5c8d4d444d966053d0f3ad683c277207d3a89110f190dd5a9f4e23e0769e9b3ac269dfba18bc4c451ff1433b25be2c429760
SSDEEP

1536:K739rVGs8Q1Irs6JWgaTGJbzNkYmhbdTA:M394sj1Ir/lVzpmhbdTA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c52828dbf62fc52ae750ada43c505c934f1faeb9c58d71c76bdb398a3fbbe1e2

Files

c52828dbf62fc52ae750ada43c505c934f1faeb9c58d71c76bdb398a3fbbe1e2
.dll windows:5 windows x86 arch:x86

097b05cf0b410af0d22fa94345f05d34

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
FindFirstFileW
GetCurrentProcess
GetModuleHandleW
CopyFileW
CreateEventA
GetModuleFileNameW
CreateDirectoryA
GetProcAddress
VirtualAlloc
OpenEventA
SetCurrentDirectoryW
GetModuleFileNameA
EnumDateFormatsA
IsDebuggerPresent
OutputDebugStringA
CloseHandle
CheckRemoteDebuggerPresent
ResumeThread
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCurrentThreadId
DecodePointer
GetCommandLineA
EncodePointer
HeapAlloc
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
HeapFree
Sleep
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
HeapSize
WriteFile
LeaveCriticalSection
EnterCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
LoadLibraryW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
RtlUnwind
LCMapStringW
MultiByteToWideChar
GetStringTypeW

user32

MessageBoxA

shlwapi

SHSetValueA

Exports

Exports

?Main_Exit1@@YAXXZ
?Main_Exit@@YAXXZ
DoSettingsDialog
DoSettingsDialogW
InstallEventHook
Install_EventHook

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

097b05cf0b410af0d22fa94345f05d34

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shlwapi

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 3KB - Virtual size: 7KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 3KB - Virtual size: 7KB

.reloc
Size: 5KB - Virtual size: 4KB