52b35f1c187f6dcdb8a5ae5b670b988e81b49dac11bcbbaa5c7c32e5cc38b30cN[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

52b35f1c187f6dcdb8a5ae5b670b988e81b49dac11bcbbaa5c7c32e5cc38b30cN.exe
Size

161KB
MD5

ece4138e55efe1729c862d9665fc8210
SHA1

56a0cfd66f857896fbaa32365a6730a244e353f6
SHA256

52b35f1c187f6dcdb8a5ae5b670b988e81b49dac11bcbbaa5c7c32e5cc38b30c
SHA512

89b2a4686100927134f39d0b27089a275e2ecd5bd689992f7a1ae366f2528ed3e57569f23a1c959765ee776d73185c0d399f03b83bdf476d68005a070378a791
SSDEEP

3072:xovbHGMgmOkvmzTzfCrBVsVbs/IPuodowrW91WPdf5YjKEiK19C:xqbHGxk+vzfCrrIuI4cdf5AKEiKPC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
52b35f1c187f6dcdb8a5ae5b670b988e81b49dac11bcbbaa5c7c32e5cc38b30cN.exe

Files

52b35f1c187f6dcdb8a5ae5b670b988e81b49dac11bcbbaa5c7c32e5cc38b30cN.exe
.exe windows:5 windows x86 arch:x86

afb02ac27e3b141b30a41003b93f37d2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtectEx
GetPriorityClass
SetLastError
InterlockedExchangeAdd
HeapDestroy
SetUnhandledExceptionFilter
GlobalFree
GetCurrentProcessId
SleepEx
GlobalAlloc
GetProcessHeap
GlobalUnlock
CloseHandle
CreateIoCompletionPort
GlobalAlloc
GetVersionExA

ntdll

NtMapViewOfSection
ZwOpenTimer
NtOpenSemaphore
NtOpenEvent
NtOpenEventPair

gdiplus

GdipAlloc
GdipGetImageWidth
GdipCreateFromHDC
GdipFillRectangleI

gdi32

GetTextExtentPoint32W

msvcrt

_wfopen
free
_wtof
_ismbblead
__getmainargs
fclose
wcsrchr

ole32

CoInitializeEx
OleUninitialize
GetRunningObjectTable
CoRegisterClassObject

oleaut32

SysStringLen

user32

SetTimer
MessageBeep
DispatchMessageW
GetWindowTextW
CallWindowProcW
SetCapture
GetClientRect
LoadImageW
FlashWindow
WindowFromPoint
GetWindowLongW
GetMenuItemCount
GetParent
DestroyAcceleratorTable
SetFocus
SetMenuItemInfoW
CharNextW
FrameRect
DestroyWindow
ShowWindow
LoadCursorW
GetWindowThreadProcessId
SetRectEmpty
SetForegroundWindow

comctl32

ImageList_DrawIndirect
ImageList_GetImageInfo

shlwapi

PathAppendW

hidnr20

_Nan
_LNan
_Mbrtowc
_Snan
_Dscale
_LCosh
_FInf
_Dtest

advapi32

RegEnumKeyExW
GetTraceLoggerHandle

shell32

ord155
SHGetFolderPathW

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afb02ac27e3b141b30a41003b93f37d2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ntdll

gdiplus

gdi32

msvcrt

ole32

oleaut32

user32

comctl32

shlwapi

hidnr20

advapi32

shell32

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 34KB - Virtual size: 33KB

.rsrc Size: 116KB - Virtual size: 116KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 34KB - Virtual size: 33KB

.rsrc
Size: 116KB - Virtual size: 116KB