75a889aba42108a9d3a3d138a9a902a2

General

Target

75a889aba42108a9d3a3d138a9a902a2
Size

32KB
MD5

75a889aba42108a9d3a3d138a9a902a2
SHA1

7c146eb3f70c1c04150ad202ae2b7eb746de7aa4
SHA256

e5df1f93f3a9211e91fe737102b5841429ed9a1ad41cee8e320c8e04555d5c3f
SHA512

2e2c1cb3cd2a3fe46a28965f9dcac67cb349639f32fb12098381897ef81aa4e469a92ee83493ee0d5a9c311ab48ce27898a0c0aa4de095ad99754681ab4e3c41
SSDEEP

384:3mDtRbGlqfNS0TS2HfoBAduT8oURUss6i1R0j031UEql+TcjWUF44Pb9:3mDLJLET8i6i1ij03aEqYcaU+C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75a889aba42108a9d3a3d138a9a902a2

Files

75a889aba42108a9d3a3d138a9a902a2
.exe windows:4 windows x86 arch:x86

7448e8015cca98b8f91c6def0ec0880e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
ReadProcessMemory
FreeLibrary
GetCurrentProcess
HeapFree
FileTimeToSystemTime
FileTimeToLocalFileTime
VirtualQueryEx
HeapAlloc
GetProcessHeap
GetSystemInfo
LeaveCriticalSection
EnterCriticalSection
GetTickCount
WriteFile
ReadFile
ConnectNamedPipe
CreateNamedPipeA
InitializeCriticalSection
DeleteCriticalSection
GetExitCodeProcess
PeekNamedPipe
GetLastError
CreateProcessA
CreatePipe
GetCurrentThread
CloseHandle
GetVersionExA
TerminateProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
Sleep
TerminateThread
SetEvent
CreateEventA
CreateThread
WaitForSingleObject
DisconnectNamedPipe

advapi32

StartServiceCtrlDispatcherA
RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation
LookupAccountSidA
SetServiceStatus
RegisterServiceCtrlHandlerA

msvcrt

??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
sprintf
_snprintf
strstr
mbstowcs
free
malloc
atoi
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_stricmp
_strnicmp
_wcsicmp

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7448e8015cca98b8f91c6def0ec0880e

Headers

File Characteristics

Imports

kernel32

advapi32

msvcrt

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 1KB - Virtual size: 80KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 1KB - Virtual size: 80KB