289c522931bf09786bd7a02c5d3165cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

289c522931bf09786bd7a02c5d3165cb
Size

8KB
MD5

289c522931bf09786bd7a02c5d3165cb
SHA1

0100097d05e357bb9fab4db4dd7c5bc2bad1419f
SHA256

1dceb50ed8cfd3942566fc9612f9534308d787ab40405bd4d42b0b91ce31f9a6
SHA512

dc7f890de10835df102249c6f49c6177081ff5e3f3891cf747eea65ebfce5fcd644a57c8b2b1dce4fb85f429036e12abc75cfb466d1f36202af9eb7cf3c3dfaf
SSDEEP

96:Pj6l1QPoswDGMpd+iKNUv9WW/y+xOs58uMfqpDr3Tkwf:UMoMigGFfKgguMfy3TVf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
289c522931bf09786bd7a02c5d3165cb

Files

289c522931bf09786bd7a02c5d3165cb
.dll windows:4 windows x86 arch:x86

2313b1d22b98066bfda7b50d64c952b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
DeviceIoControl
FreeLibrary
GlobalFree
LoadLibraryExA
GlobalAlloc
GetProcAddress
FindResourceA
ReadFile
GetFileSize
Sleep
SetFileAttributesA
lstrcatA
GetSystemDirectoryA
LoadResource
CreateFileA
SizeofResource
WriteFile
GetModuleHandleA
CloseHandle

advapi32

OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
StartServiceA

msvcrt

??2@YAPAXI@Z
fclose
fwrite
fseek
fopen
??3@YAXPAX@Z
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

ReSS

Sections

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 266B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ