33b8d0799a458c793f435a6121e26151 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

33b8d0799a458c793f435a6121e26151
Size

129KB
MD5

33b8d0799a458c793f435a6121e26151
SHA1

8a68f9b4a9cd973ad27a50f2dda0a0707e78ca1a
SHA256

e2f7dfb60f625fd9400aee9a3cbad9cf8bfa6942477fbb76ec65d050dec3e89d
SHA512

8fb488a4f33e247268018c17a5cd1f12a06e8e05af96c427454021c446b89d1d217a9ebb7611babe70bb17d11f522b6ebf29a04175591c61124d344c4ac45603
SSDEEP

3072:e6s1+GAonLfm0Hr1f3AOjzAszIpo4s8cJmaA:FiHAUrR3AOvLon

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
33b8d0799a458c793f435a6121e26151

Files

33b8d0799a458c793f435a6121e26151
.exe windows:4 windows x86 arch:x86

c6023fb400ab5689adefd9931eb8bba0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
CreateProcessA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrlenA
SetLastError
lstrcatA
GetCurrentProcess
FreeResource
SizeofResource
LoadResource
FindResourceA
GetModuleHandleA
GetLocalTime
GetCurrentThreadId
Sleep
GetStartupInfoA
SetPriorityClass
ResumeThread
GetModuleFileNameA
GetProcAddress
CreateFileA
SystemTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
WriteFile
CloseHandle
GetSystemDirectoryA
SetFileAttributesA
LoadLibraryA

user32

PostThreadMessageA
GetInputState
wsprintfA
GetMessageA

advapi32

QueryServiceStatus
StartServiceA
OpenSCManagerA
OpenServiceA
ControlService
CloseServiceHandle
DeleteService

msvcrt

_exit
_controlfp
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
fread
fclose
fseek
fopen
sprintf
_except_handler3
_access
??1type_info@@UAE@XZ
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ