1109a0fe2dc720b2ec729caf0ba0f759 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1109a0fe2dc720b2ec729caf0ba0f759
Size

59KB
MD5

1109a0fe2dc720b2ec729caf0ba0f759
SHA1

7d32048fdbaff1c5238785c3a5a50ddb80c3ef8b
SHA256

e990767ab18a1e7441a95d721a9d0ca03cf4a0e2045b2d2e92099378431ac2a2
SHA512

4f231793bf9286d5d6076cfca294e217913e669063d4834fb93996070fb19c3f3d9e13b25c75ac60a0547d54be18796c938be4f6428d1cf2661477b2f4a78bb8
SSDEEP

1536:HEC3/qG601h+CiJqP0DPYq4lfV3G5JJVg:pyCkTFDQs5Ng

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1109a0fe2dc720b2ec729caf0ba0f759

Files

1109a0fe2dc720b2ec729caf0ba0f759
.exe windows:4 windows x86 arch:x86

2cb7838e78a7d8e2dd812be06e2c94ff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
FindFirstFileA
GlobalFree
DeviceIoControl
GlobalAlloc
Sleep
DeleteFileA
GetTempFileNameA
GetTempPathA
CreateProcessA
FindNextFileA
GetTickCount
GetProcAddress
GetModuleHandleA
GetLastError
GetModuleFileNameA
GetSystemDirectoryA
GetFileAttributesExA
CreateFileA
SetFileTime
GetVersionExA
CloseHandle
FindClose

advapi32

OpenServiceA
StartServiceA
CreateServiceA
CloseServiceHandle
OpenSCManagerA
DeleteService

msvcrt

_snprintf
??3@YAXPAX@Z
_stricmp
srand
rand
strrchr
fclose
fwrite
fopen
strlen
_strlwr
strncat
memset
__CxxFrameHandler
time
sprintf
strcat
memmove
memcpy
strcpy

shlwapi

SHSetValueA
SHGetValueA

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

setupapi

SetupIterateCabinetA

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CRT
Size: 16B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ