24ebbc3a08b759945b3cbd76a8774f5a

General

Target

24ebbc3a08b759945b3cbd76a8774f5a
Size

35KB
MD5

24ebbc3a08b759945b3cbd76a8774f5a
SHA1

e292cfc6613dfd75c990782270ad9c256056729a
SHA256

0840e584811fea5b63196a9b970518e2bdb39cfac3fd631988ee0054272a7dad
SHA512

47a3c175b5b747287e5092dd14d266e4bbb5f82ffced899f7675937191bd1915f36001467f35758e49a13a650f757b0c2ae39cf93d71137fad6d5b4b47118295
SSDEEP

768:WBYJqdtyzCFMtMnoQTNVM2G/i9q8I9Bde7OvF:WGYMZSoQ7i/gqr7z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24ebbc3a08b759945b3cbd76a8774f5a

Files

24ebbc3a08b759945b3cbd76a8774f5a
.exe windows:4 windows x86 arch:x86

9ee71a33b94f98adab52592bfe9e9502

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
DeviceIoControl
FreeLibrary
GlobalFree
LoadLibraryExA
GlobalAlloc
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
SetFileAttributesA
lstrcatA
WriteFile
SizeofResource
LoadResource
FindResourceA
LoadLibraryA
GetSystemTime
SetSystemTime
Sleep
CopyFileA
GetWindowsDirectoryA
GetSystemDirectoryA
GetFileTime
CloseHandle
GetLastError
SetFileTime
GetVersion
CreateFileA
DeleteFileA
GetCurrentProcess
GetSystemDirectoryW
GetStringTypeA
LCMapStringW
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
GetStringTypeW

advapi32

RegSetValueExA
StartServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
RegCreateKeyExA
RegCloseKey
RegCreateKeyA
RegRestoreKeyA
RegOpenKeyExA
RegSaveKeyA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges

shlwapi

StrCatW

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ee71a33b94f98adab52592bfe9e9502

Headers

File Characteristics

Imports

kernel32

advapi32

shlwapi

Sections

.text Size: 14KB - Virtual size: 14KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 7KB - Virtual size: 9KB

.rsrc Size: 10KB - Virtual size: 9KB

.text
Size: 14KB - Virtual size: 14KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 7KB - Virtual size: 9KB

.rsrc
Size: 10KB - Virtual size: 9KB