77da6f681ae3978059feef14d2fb431f

Sharing

Copy URL

Twitter E-mail

General

Target

77da6f681ae3978059feef14d2fb431f
Size

201KB
MD5

77da6f681ae3978059feef14d2fb431f
SHA1

00e18706bc828bb4c8d42d18c4de8e09a25b3ea2
SHA256

39fca9504e934bdc19e7ac6b71d3df958b31acce344cc07d30cae8b0d0f1290b
SHA512

0830c1bcfcb7bbc4e743e7a0a2a591d0486b0d6d0228e06d6d49455b1f158f1ec5a056d554c004b51124c722d3770674753da035852b747fd3fe74693c8855e4
SSDEEP

3072:66aQ23z9ObAX40+p1DlUiue0HpfNgv4O0fmfVp75Rhuu+gM/4VMdaXZimdq+a24:66Lo9A51RlUiF0EVptRhuu+B/4VMHU74

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/svcmain.exe

Files

77da6f681ae3978059feef14d2fb431f
.zip
svcmain.exe
.exe windows:4 windows x86 arch:x86

fc83bd63f7335993bf919a50563ed1d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
lstrlenA
WideCharToMultiByte
SetEvent
LockResource
CreateEventA
CloseHandle
FindResourceExA
FindFirstFileA
FindClose
CreateFileA
FindResourceA
Sleep
WaitForSingleObject
LoadResource
SizeofResource
WriteFile
HeapAlloc
HeapReAlloc
HeapFree
VirtualAlloc
GetProcAddress
GetModuleHandleA
MoveFileA
GetSystemTimeAsFileTime
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualFree
HeapDestroy
HeapCreate
ExitProcess
GetStdHandle
GetModuleFileNameA
HeapSize
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
InitializeCriticalSection
RtlUnwind
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
FlushFileBuffers
GetThreadLocale
RaiseException
MultiByteToWideChar
CompareStringA
CompareStringW
GetTimeZoneInformation
GetLastError

user32

UnregisterClassA

advapi32

RegQueryValueExA
RegCreateKeyExA
RegCloseKey
StartServiceCtrlDispatcherA
RegOpenKeyExA
RegSetValueExA
RegisterServiceCtrlHandlerA
SetServiceStatus

shell32

SHGetFolderPathA

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 184KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc83bd63f7335993bf919a50563ed1d3

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 184KB - Virtual size: 192KB

.rsrc Size: 4KB - Virtual size: 176B

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 184KB - Virtual size: 192KB

.rsrc
Size: 4KB - Virtual size: 176B