52b78065601a5a986facbeb817050fcf0d45cab20098702dfc3637a48d411039

General

Target

52b78065601a5a986facbeb817050fcf0d45cab20098702dfc3637a48d411039
Size

1.8MB
MD5

672f58216951608515b87d56bedbe6c8
SHA1

d00a364f0ca9ba047cc748b2bcf6b61ab46bc738
SHA256

52b78065601a5a986facbeb817050fcf0d45cab20098702dfc3637a48d411039
SHA512

88a8c74501c12e125d5967b4b3dc446688cfc85ee4c3f0718ffb7a4727dfdcfa677520c163d102c652a0d304671de56866d961991b0413331b334f59a536849b
SSDEEP

24576:NMPD+QiNWFFvaxuW2Eez4W0hZutixcBMkkt0QdQezjvFmNm7Wmk1Mny9F9SV:WL3ih4W2kZpcW+QdJjLs1FcV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52b78065601a5a986facbeb817050fcf0d45cab20098702dfc3637a48d411039

Files

52b78065601a5a986facbeb817050fcf0d45cab20098702dfc3637a48d411039
.dll windows:5 windows x86 arch:x86

41df5ae8b645fb87b8d4a56468358e53

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
SetPriorityClass
GetStringTypeA
AreFileApisANSI
GetModuleHandleW
OutputDebugStringA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetProcAddress
TlsGetValue
TlsSetValue
SetLastError
GetCurrentThreadId
GetLastError
CompareStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
GetStringTypeW
LeaveCriticalSection
EnterCriticalSection
HeapFree
Sleep
ExitProcess
GetLocaleInfoA
HeapAlloc
InitializeCriticalSectionAndSpinCount
WriteFile
GetStdHandle
GetModuleFileNameA
VirtualFree
VirtualAlloc
HeapReAlloc
LoadLibraryA
RtlUnwind

mprapi

MprAdminInterfaceTransportGetInfo

gdi32

SetDCPenColor

oleaut32

GetRecordInfoFromGuids

user32

ToAscii
SetForegroundWindow

Exports

Exports

AwcdthodsHlu

Sections

.text
Size: 944KB - Virtual size: 943KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 828KB - Virtual size: 827KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41df5ae8b645fb87b8d4a56468358e53

Headers

File Characteristics

Imports

kernel32

mprapi

gdi32

oleaut32

user32

Exports

Exports

Sections

.text Size: 944KB - Virtual size: 943KB

.rdata Size: 828KB - Virtual size: 827KB

.data Size: 64KB - Virtual size: 64KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 36KB - Virtual size: 35KB

.text
Size: 944KB - Virtual size: 943KB

.rdata
Size: 828KB - Virtual size: 827KB

.data
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 36KB - Virtual size: 35KB