Static task: static1
Behavioral task: behavioral1
Sample: 7f2fa5e6e1b91cef1abaabf9deb8d8a8.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 7f2fa5e6e1b91cef1abaabf9deb8d8a8.exe
Resource: win10v2004-20231215-en
General
Target: 7f2fa5e6e1b91cef1abaabf9deb8d8a8
Size: 21KB
MD5: 7f2fa5e6e1b91cef1abaabf9deb8d8a8
SHA1: 30c67e926d87c6b7d56a8b519846147e0ca20cec
SHA256: 7dd08465bf4c332a6376262ad823e1bd554b5b9fe5576826730f5f30ef25dbbe
SHA512: 8f6b2605a38fc029918c563c40034e82818a92c50fe3d8e76c91d01bfc5ee45295e0509b4bc5e8dcf4ac75c3d8dd000cc5cf083cf05c20bfa3620e180c9bb14d
SSDEEP: 384:gKHlpQxVmFDAKOPQ6htarqUOfkpSS/eJEeBVkStMRqKC8IoVfU9XfPdi555J4197:FQxsFDXiQ6WrqV+/e2CVhJX9XfPdi556
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7f2fa5e6e1b91cef1abaabf9deb8d8a8
Files
7f2fa5e6e1b91cef1abaabf9deb8d8a8.exe windows:4 windows x86 arch:x86
c0fdf3e193c54fa2bf9cf2c8d3faed27
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetFileAttributesExA
CreateProcessA
Sleep
GetTempFileNameA
GetTempPathA
SetFileTime
GetModuleFileNameA
GetLastError
GetSystemDirectoryA
DeleteFileA
MoveFileExA
DeviceIoControl
CloseHandle
CreateFileA
GetWindowsDirectoryA
GetTickCount
advapi32
ControlService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA
DeleteService
msvcrt
memset
_strlwr
strlen
fclose
fwrite
fopen
strncpy
fread
strcat
strcpy
sprintf
_stricmp
strrchr
rand
srand
_snprintf
shlwapi
SHSetValueA
setupapi
SetupIterateCabinetA
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 992B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ