02af57a02e49a639c97114a25f727bbf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02af57a02e49a639c97114a25f727bbf
Size

34KB
MD5

02af57a02e49a639c97114a25f727bbf
SHA1

27c030177a58cedfe287695cc60bb2e670a3a5a2
SHA256

18c30380a8f78efad244137785dd57cf6cba93e6d5550fc28cd10423c43ec60c
SHA512

0d90eea71f88384371c0b5437c96b86dd15b31610d3e0c5b1cd971dd02e5164680da23b383cd657b400eb9a0ddbfffbdcb4438b0f93e90f52b3814b859b31d5c
SSDEEP

384:4nxbnTnirmuFAktg7jEbeNfSPwklBfdKF4rjDU7PL7raIO0Y3dLfZ:ATiquFAkcEbeNfSPwUxdKFsga/5fZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02af57a02e49a639c97114a25f727bbf

Files

02af57a02e49a639c97114a25f727bbf
.exe windows:6 windows x86 arch:x86

3f1a23a47840e0cca5a846f169cc0a61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CloseServiceHandle
StartServiceA
CreateServiceA
OpenServiceA
OpenSCManagerA
RegCloseKey
RegSetValueA
RegCreateKeyA
RegSetValueExA

kernel32

HeapAlloc
GetProcessHeap
HeapFree
ExitProcess
CreateProcessA
GetEnvironmentVariableA
lstrcatA
GetShortPathNameA
lstrlenA
lstrcpyA
GetCommandLineA
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceA
CloseHandle
WriteFile
CreateFileA
QueryPerformanceCounter
GetLastError
DeviceIoControl
GetProcAddress
LoadLibraryA
Sleep
MoveFileExA
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 812B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ