0c04abf92f3e457f64e64f825f25c589

General

Target

0c04abf92f3e457f64e64f825f25c589
Size

176KB
MD5

0c04abf92f3e457f64e64f825f25c589
SHA1

8e13c63df1645964d38ad9b5f4a6acad4f2b30ee
SHA256

cf52f52c9ed8b82f687eb746d8e9d4bccc95babeb36ec1426e16e38ac47ef5a9
SHA512

6294000c609400ccff28a612b10d238a12310bd7cdf44bc7f7675a8d5153f507ab43d65153fac74b9a5a4b39fc79609c9a8cdc1df9656031ebb725fc0b36a40b
SSDEEP

3072:g7gCLstqXFrfotc6fx7LhlxuWuB2415VxUifbuKAwi1h:wJLJFctckRmH5jDfbuKAw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0c04abf92f3e457f64e64f825f25c589

Files

0c04abf92f3e457f64e64f825f25c589
.exe windows:4 windows x86 arch:x86

069787f227b391ff2c25c1dda1d38efd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
DeleteFileA
WinExec
CopyFileA
GetWindowsDirectoryA
ExitProcess
CloseHandle
HeapFree
GetProcessHeap
GetLastError
GetTempPathA
GetModuleHandleA
GetCurrentProcess
lstrlenA
GetLocalTime
GetTickCount
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
WriteFile
Process32Next
LoadLibraryA
GetProcAddress
GetModuleFileNameA
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeA
LCMapStringW
LCMapStringA
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
GetFileAttributesA
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
ReadFile
GetStringTypeW

advapi32

ChangeServiceConfigA
LockServiceDatabase
UnlockServiceDatabase
ControlService
StartServiceA
OpenProcessToken
LookupPrivilegeValueA
OpenServiceA
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
RegCloseKey
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
GetUserNameA

netapi32

NetApiBufferFree
NetUserGetLocalGroups

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

069787f227b391ff2c25c1dda1d38efd

Headers

File Characteristics

Imports

kernel32

advapi32

netapi32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 120KB - Virtual size: 120KB