725f2238687cc1b4b1d9165f70f342f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

725f2238687cc1b4b1d9165f70f342f9
Size

48KB
MD5

725f2238687cc1b4b1d9165f70f342f9
SHA1

64fb25e2c74a9aaf30f7ce2a73b72a8db2ab0902
SHA256

34ddfeb6c957afbca3aa95978e1e7126780a4f7a189b63337a46c7bea5718ae8
SHA512

0e60bf4ef4dbdd1221e1bbe485f9751dd51a831fd9c854965c2b0102b423f17248bab4337365638b4fb2f8cad3cfe993b6c9ed02a3d5f70741b65581b49301f7
SSDEEP

384:zhTfNd04iPgh+kj95RkC2ozqQ4Bq8v8W7Wco1gQirqSGCmuismq/5Z:lTVd0DYl9bwoTKWEPiYmq/5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
725f2238687cc1b4b1d9165f70f342f9

Files

725f2238687cc1b4b1d9165f70f342f9
.exe windows:4 windows x86 arch:x86

be3afe657eef4d893c78081d04db56f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsGetValue
GetCommandLineW
HeapDestroy
SetEvent
GetModuleHandleA
HeapCreate
GetEnvironmentVariableA
GetStartupInfoA
TlsAlloc
CancelIo
lstrlenA
GetStdHandle
CreateFileA
GetACP
ReleaseMutex
GetModuleFileNameA
ResetEvent
IsBadCodePtr
SetLastError
CreateFileMappingA

advapi32

IsValidSid
CreateServiceW
RegCreateKeyExW
RegQueryValueW
InitializeSid
IsValidAcl
RegEnumKeyA
ClearEventLogW
ControlService
RegDeleteValueA
IsValidSecurityDescriptor
CreateProcessAsUserA
IsTextUnicode

stclient

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

timedate.cpl

CPlApplet

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ktyvkry
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE