25f1003170249103ea1f2bc78b731f42

Sharing

Copy URL Twitter E-mail

General

Target

25f1003170249103ea1f2bc78b731f42
Size

68KB
MD5

25f1003170249103ea1f2bc78b731f42
SHA1

460250ee7321fc1cb3efa48ad8518a7549db0a83
SHA256

cf247bbc011510457d6388c64455d223f9e414167e788d968cfc4352a09e0149
SHA512

49569f8d6f82dda2e8e0f5ba717de1c9b62ce487a0b3f79b1ca38a4865094dcd94046497fd961ee286890e9b2c904f6f2a02e6d2256d77cde001df71a4e0b7dc
SSDEEP

768:qpIyMAuNMxM254EyWZxjcBAI7WLfTAl5kVo5ei7UtDWQXBo4zUViZ:en5IW//ISLfTAl5KoIzi+o8U8Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25f1003170249103ea1f2bc78b731f42

Files

25f1003170249103ea1f2bc78b731f42
.dll windows:4 windows x86 arch:x86

8095674f6bddac89450c4882e69b62b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
SetFileAttributesA
CloseHandle
FindFirstFileA
CopyFileA
LoadLibraryA
FindClose
FindNextFileA
SetFileTime
GetFileTime
CreateFileA
GetSystemDirectoryA
Sleep
GetSystemTime
GetWindowsDirectoryA
DeleteFileA
WideCharToMultiByte
MultiByteToWideChar
RemoveDirectoryA
lstrlenW
HeapFree
HeapAlloc
HeapReAlloc
RtlUnwind
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
VirtualFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
VirtualAlloc
IsBadWritePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
SetFilePointer
GetProcAddress
SetStdHandle
FlushFileBuffers

advapi32

RegDeleteValueA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey
SetServiceStatus
RegisterServiceCtrlHandlerA
RegOpenKeyA

Exports

Exports

ServiceHandler
ServiceMain

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8095674f6bddac89450c4882e69b62b9

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 34KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 1000B

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 36KB - Virtual size: 34KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 1000B

.reloc
Size: 8KB - Virtual size: 4KB