49e93c6b650414ab74165dc4f7eabffa

Sharing

Copy URL

Twitter E-mail

General

Target

49e93c6b650414ab74165dc4f7eabffa
Size

2.1MB
MD5

49e93c6b650414ab74165dc4f7eabffa
SHA1

724f576c34400fa0f2b29df85e968c0751eebb04
SHA256

f8fa4767ef0483fc14c3192a1d07989ad40a29b6c3151bde7d1d18ca30053040
SHA512

7e0ba61e7284ef10ee893a0cd993421d9b229791af42fa14779303eea2684df2ec7df613158fe7d38bf7831fb575cb0350b3fbc92fbf690d59f1e43b7a0f94c9
SSDEEP

49152:wf1l/YYZyYOuAgZiTah67UDaZfat1rm1eNz0JM:W/5ZyruAgZiTahyUEC3zP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49e93c6b650414ab74165dc4f7eabffa

Files

49e93c6b650414ab74165dc4f7eabffa
.exe windows:4 windows x86 arch:x86

cba9d6a839922cd31ef242a1745c2275

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
SetForegroundWindow
SetWindowPos

shell32

CommandLineToArgvW
ShellExecuteExA
ShellExecuteExW

advapi32

RegOpenKeyExW
OpenServiceA
StartServiceCtrlDispatcherW
ControlService
DeleteService
OpenServiceW
StartServiceA
OpenSCManagerA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegCloseKey
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
CloseServiceHandle
CreateServiceW

kernel32

GetFileAttributesA
SetEndOfFile
CreateFileA
CompareStringA
CompareStringW
SetUnhandledExceptionFilter
WaitForSingleObject
FreeLibrary
GetCurrentProcess
GetProcAddress
LoadLibraryA
GetSystemTime
SetEnvironmentVariableW
GetEnvironmentVariableW
SetEnvironmentVariableA
GetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
GlobalFree
GetVersionExW
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleHandleA
LoadLibraryW
GetLastError
GetModuleFileNameW
GetModuleFileNameA
GetCommandLineW
Sleep
CreateThread
CreateProcessA
CreateProcessW
SetConsoleCtrlHandler
ExitProcess
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFullPathNameW
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetSystemTimeAsFileTime
HeapAlloc
GetCommandLineA
HeapFree
GetVersionExA
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
WriteFile
GetStdHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
CloseHandle
RtlUnwind
ReadFile
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
HeapSize
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
CreateFileW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetExitCodeProcess

Sections

.text
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cba9d6a839922cd31ef242a1745c2275

Headers

File Characteristics

Imports

user32

shell32

advapi32

kernel32

Sections

.text Size: 100KB - Virtual size: 97KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 28KB

Shared Size: 4KB - Virtual size: 4B

.rsrc Size: 2.0MB - Virtual size: 2.0MB

.text
Size: 100KB - Virtual size: 97KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 28KB

Shared
Size: 4KB - Virtual size: 4B

.rsrc
Size: 2.0MB - Virtual size: 2.0MB