056df4df9ebc5b3ff28b30d97892fb87 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

056df4df9ebc5b3ff28b30d97892fb87
Size

20KB
MD5

056df4df9ebc5b3ff28b30d97892fb87
SHA1

8c7a57a2aea378844772d6b9967aa00a4e8eb9dd
SHA256

845404677bac6fa1192f35038ced7938e8e6813d98a1e9188942e5897e54c45f
SHA512

f6b2cc7f32c7044803a2ab7b400010901269bbf7076e4b094cea0b2abd14e14b7317157e50fae5ee42c4a547fd3d474f385f9cda1b85686375d28e15b67b4edd
SSDEEP

384:zRzQQEk1YJf74myGgHz1/8qrl0nAIBfND+/rdvzq+I45K555+4yG9REPh7CW4N:zRzQQEHT4PGo1E+uAINNl+h5K555D9Rp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
056df4df9ebc5b3ff28b30d97892fb87

Files

056df4df9ebc5b3ff28b30d97892fb87
.exe windows:4 windows x86 arch:x86

61b11eaa20d3cb6872100408c25df775

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameA
GetTempPathA
DeleteFileA
GetLastError
Sleep
CreateProcessA
GetSystemDirectoryA
GetFileAttributesExA
CreateFileA
SetFileTime
GetTickCount
CloseHandle

advapi32

DeleteService
OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA

msvcrt

strrchr
_strlwr
strlen
fclose
fwrite
fopen
sprintf
memset
strcat
strcpy
_stricmp
rand
srand
_snprintf

shlwapi

SHSetValueA

setupapi

SetupIterateCabinetA

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 992B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ