25f961f0fef7b92872b891f752e356df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25f961f0fef7b92872b891f752e356df
Size

46KB
MD5

25f961f0fef7b92872b891f752e356df
SHA1

bb671a9026a6e097d7caa5fcdc2fa62bc7a9011a
SHA256

c1b34f8115082d7e0a578210c94f24b1464d1d3fbbb54857cb3c701d63c598fc
SHA512

ff1d3e57f29109fc4d92bdd066a6bd16bfb0a5741ed1e8dd22ea9a8e1e1f701a181efcda256035576108b5ecb72d0bfcbde2ab5d03f38d9e84b46fa1140468b4
SSDEEP

768:WrPbiXYv8kYeAAxstREZZrzIkksCpyC4e4m88XKDP1sS5LP:WrPbioCejoQ/IxsCoze4GX6SSV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25f961f0fef7b92872b891f752e356df

Files

25f961f0fef7b92872b891f752e356df
.exe windows:5 windows x86 arch:x86

1449c997bbeb6c68a175a905f45c43c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
MoveFileExA
WaitForSingleObject
GetTickCount
WriteFile
Sleep
ReadFile
CreateFileA
EnterCriticalSection
SetFileAttributesA
GetTempFileNameA
OpenMutexA
GetModuleFileNameA
CreateMutexA
CloseHandle
DeleteFileA
GetSystemDirectoryA
ExitProcess

user32

LoadCursorA
SetSystemCursor
CopyIcon

advapi32

CreateServiceA

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 266B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ