0209a4e555ed7df3fb6cd315022cf20b

General

Target

0209a4e555ed7df3fb6cd315022cf20b
Size

39KB
MD5

0209a4e555ed7df3fb6cd315022cf20b
SHA1

86ea56de23225a9c8a9ab3e03851765ea9d8c76f
SHA256

a235c1f7963c83bbf2bdef425eb6f618446afa6f40fde075a21029ac0a853c2e
SHA512

432d70f6260342ad2c8cd78d16e92680283a520a1210fd432f75d80dd2f2a2d605de5be7932ee7c7c43ef1f681020fbf5743602e5849fd893ad394d8a9947740
SSDEEP

768:AXdZbSvLHsaDh8noZz2m7LsB089yvYvBWje8YLgWiLSege83/sv43:AXGD5ooV2NB0QvBWrWLTp3/U4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0209a4e555ed7df3fb6cd315022cf20b

Files

0209a4e555ed7df3fb6cd315022cf20b
.exe windows:4 windows x86 arch:x86

2beaf52898fc471bfcfe62e03b792c19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
CopyFileA
FindFirstFileA
GetSystemDirectoryA
CloseHandle
SetFileTime
WriteFile
GetFileTime
CreateFileA
GlobalFree
LockResource
GlobalAlloc
LoadResource
GetLastError
FindResourceA
CreateThread
CreateRemoteThread
GetProcAddress
GetModuleHandleA
WriteProcessMemory
VirtualAllocEx
lstrlenA
OpenProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
Sleep
GetModuleFileNameA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
SizeofResource
ResumeThread
ExitProcess
TerminateProcess
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
RtlUnwind
GetStringTypeA
GetStringTypeW

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
StartServiceCtrlDispatcherA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenSCManagerA
CreateServiceA
OpenServiceA
CloseServiceHandle
StartServiceA
QueryServiceStatus
OpenProcessToken

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2beaf52898fc471bfcfe62e03b792c19

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 30KB - Virtual size: 29KB

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 30KB - Virtual size: 29KB