f9fea5855c37cb65ddaecce010e97200

General

Target

f9fea5855c37cb65ddaecce010e97200
Size

24KB
MD5

f9fea5855c37cb65ddaecce010e97200
SHA1

5aa646de7cf405c99c609ec88176c8ff438095ac
SHA256

9fefbc9c3359514c5871805e91c97613dbf1614427e77214d85eed1a567e863d
SHA512

61917b240e22fe2cda1eebc3b69635c763269d33174cbb2d6803798be43e44744468cf71bd1cd5b48b036322562ca0b8f20ef1c8c1e1ddbc288908a0d9e24818
SSDEEP

192:80xy4AmxhB3pEAbc7QCwvk92wl6wgT88R39DvUoynA608cUu:8MHAahYz7hIEgT8Q9Dc+6dI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9fea5855c37cb65ddaecce010e97200

Files

f9fea5855c37cb65ddaecce010e97200
.exe windows:4 windows x86 arch:x86

48abc1227d49cc98da8c6b5ad3241d1b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoW
GetTickCount
FreeLibrary
OutputDebugStringA
SetFileAttributesA
GetModuleFileNameA
GetTempPathA
ReleaseMutex
OpenMutexA
WaitForSingleObject
GetComputerNameA
MoveFileExA
CopyFileA
CreateMutexA
GetCurrentThreadId
GetLastError
RaiseException
InterlockedExchange
LocalAlloc
GetStartupInfoA
Sleep
lstrcpyA
LoadLibraryA
GetProcAddress
GlobalMemoryStatusEx
CreateFileA
CreateThread
CloseHandle
GetModuleHandleA

user32

GetMessageA
wsprintfA
GetDesktopWindow
PostThreadMessageA

advapi32

OpenSCManagerA
OpenServiceA
DeleteService
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

shell32

SHGetSpecialFolderPathA
ShellExecuteA

msvcrt

_acmdln
strcat
??2@YAPAXI@Z
strlen
strstr
strcpy
__CxxFrameHandler
_CxxThrowException
rand
atoi
strncpy
strcspn
exit
memcpy
clock
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_exit
_XcptFilter
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

48abc1227d49cc98da8c6b5ad3241d1b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 16B