04b21a4603794bc0ff892f586e15d7ab

General

Target

04b21a4603794bc0ff892f586e15d7ab
Size

132KB
MD5

04b21a4603794bc0ff892f586e15d7ab
SHA1

8775dfe433d0c0458f20ed2a8484dfdb0ac1c3ab
SHA256

e2e47d21a0ef431b7a63b1ebc2ec44849a173ba914306799166aeb636098d5e6
SHA512

f8cb32f7bf9f82c1e054a607acfbc067bb38be108fefc4ec38ed677c571f668f0589a5a3ad8261edc7f79b70e13c5464da9cca6a43c6ade07c070262a84b26b3
SSDEEP

3072:DxjwOU8MXzJuS3bx2RxTE0iGP9bgfZfJSV58ySo0Cnffj4bffffffffffffffffs:Dxjw8Srx+TE0iGVCNsVP+0ffj4bffffs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04b21a4603794bc0ff892f586e15d7ab

Files

04b21a4603794bc0ff892f586e15d7ab
.exe windows:4 windows x86 arch:x86

9051fe55af2c2b5c118dc57a9c517f7d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
GlobalAlloc
WinExec
GetModuleFileNameA
GlobalUnlock
GetVersionExA
GetStartupInfoA
GetModuleHandleA
GlobalFree
Sleep
GetSystemDirectoryA
GetFileAttributesExA
SetFileTime
CloseHandle
GetLastError
LoadLibraryA
GetProcAddress
CreateFileA

user32

GetDesktopWindow
TranslateMessage
GetMessageA
ShowWindow
CreateWindowExA
DefWindowProcA
PostQuitMessage
RegisterClassExA
DispatchMessageA

advapi32

ConvertSidToStringSidA
RegCloseKey
OpenServiceA
DeleteService
CloseServiceHandle
RegOpenKeyExA
StartServiceA
CreateServiceA
OpenSCManagerA
LookupAccountNameA
GetUserNameA
RegQueryValueExA

shlwapi

SHDeleteKeyA
StrStrA
SHSetValueA

msvcrt

_exit
_strlwr
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
rand
srand
time
sprintf
_access
strstr
_except_handler3
fclose
fflush
fwrite
fopen
??3@YAXPAX@Z
??2@YAPAXI@Z
_stricmp
_XcptFilter
exit
_acmdln
__getmainargs

dbghelp

ImageNtHeader

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9051fe55af2c2b5c118dc57a9c517f7d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

msvcrt

dbghelp

version

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 104KB - Virtual size: 101KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 104KB - Virtual size: 101KB

.rsrc
Size: 4KB - Virtual size: 1KB