02b376d4f800c79418df75dd64fdc980 | Triage

Sharing

General

Target

02b376d4f800c79418df75dd64fdc980
Size

159KB
MD5

02b376d4f800c79418df75dd64fdc980
SHA1

95fa70a25ab4ad70a275ba2ce067c7803d0298c2
SHA256

f1730917b24c30690471761d7034db3e18c11b4b38162e8990bcaca2aa827405
SHA512

8a9014e7867233a6d25969c1a4a5b6b937019b9c981826c3b01d054123ea6536f953fe5b9a38e80ba6a3964aab5c7068c11b404de85bc0ef56eac15db559d0cf
SSDEEP

3072:33/Iwsnanh49xpm1vbdygBmq07GTowCpRKG0TqeP+xf/wTt:3AwsnCO9xQ1vR9Bmq07GTwXKGd+t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b376d4f800c79418df75dd64fdc980

Files

02b376d4f800c79418df75dd64fdc980
.exe windows:5 windows x86 arch:x86

c528f8e633991bb6e5bf7ad0136ddd7e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetCommandLineA
ExitProcess
TerminateProcess
GetCurrentProcess
WaitForSingleObject
CreateThread
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetSystemInfo

user32

MessageBoxA

Exports

Exports

ServiceMain

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ