015445c335f7f72a0b76901c681f48a7 | Triage

Sharing

General

Target

015445c335f7f72a0b76901c681f48a7
Size

299KB
MD5

015445c335f7f72a0b76901c681f48a7
SHA1

67a8092f792bfa24690ab4ae96d2648c4b431708
SHA256

03a8df88247ad7c2639b144187f8c6a8f03ec7ce02de0eaa4d2b0c6aa0da4e53
SHA512

47b28d2020acc337cb529a073c9935493cc120eecc18acaa65d45510e3b4f3240b10bc22c0d7aeb584b6f5248cacd213aa44ca954c458f2b31fccc45e11aa8cd
SSDEEP

6144:gI/HGKkMa0vPvde76MpBo/LiEy1n93AXiIKbUVgS1s/pqy0Lku9YAO5:gI/4Mah6MgU1n9HbKgvQRXA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
015445c335f7f72a0b76901c681f48a7

Files

015445c335f7f72a0b76901c681f48a7
.exe windows:4 windows x86 arch:x86

01281477749b707b79428f22f3e88cd2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
MultiByteToWideChar
FreeLibrary
WideCharToMultiByte
WriteFile
GetProcAddress
GetStartupInfoA
SetLastError
GetTickCount
QueryPerformanceCounter
UnhandledExceptionFilter
GetVersion
GetCommandLineA
GetModuleHandleA
SetFilePointer
lstrlenW
GetProcessHeap
lstrcpyW
GetSystemTimeAsFileTime
ExitProcess
LocalAlloc
CloseHandle
LocalFree

user32

DispatchMessageW
PostQuitMessage
wsprintfA
LoadStringA
CharNextExA
PostThreadMessageA
DispatchMessageA
CheckMenuItem
DrawIconEx
LoadMenuA
InsertMenuA
TranslateMessage

advapi32

QueryServiceStatus
OpenThreadToken
OpenServiceW
RegDeleteKeyW
OpenSCManagerW
RegOpenKeyExA
RegCloseKey
RegOpenKeyW

msvcrt

_initterm
__getmainargs
_acmdln
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__setusermatherr
realloc
free
malloc
memcpy
memchr
fclose
_exit
_XcptFilter
exit

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ