U8SLAmbDependencyService[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

U8SLAmbDependencyService.exe
Size

36KB
MD5

0a9b915206b4e2a6040748288227040b
SHA1

5759f26cbf2a28debd4ebddc14e264db093009e3
SHA256

66a6284801684a2fba321f5a1e3cbe23b394d9dc543097d3ab637f0940830944
SHA512

f802bf5a8c5bdeb803cd0d4b87abceb760dc0ac99c90fb58f7b4971468b88311466ae08077c5dd5e6180f2507c7e59bedd076b1dfdcb0826d49c2013d5adaff7
SSDEEP

384:raZrUdtoShynKsHrwIPPtdJwqQNg7HcrLq14M9w3N46v8hy:r44LozKs8kPCqQmjaLqOXWw8hy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
U8SLAmbDependencyService.exe

Files

U8SLAmbDependencyService.exe
.exe windows:4 windows x86 arch:x86

1c4f21a112681a4e1ec0b88c466ba89a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempPathA
InterlockedDecrement
GetLastError
MultiByteToWideChar
lstrlenA
CopyFileA
GetModuleFileNameA
WideCharToMultiByte
Sleep
GetModuleHandleA
GetCommandLineA
WaitForSingleObject
GetEnvironmentVariableA
OutputDebugStringA
FindFirstFileA
LocalFree

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteExA

ole32

OleRun
CoUninitialize
CLSIDFromProgID
CLSIDFromString
CoInitialize
CoCreateInstance

oleaut32

GetErrorInfo
VariantClear
SysFreeString
VariantInit
VariantChangeType
SysAllocString

mfc42

ord1575
ord815
ord561
ord1265
ord1200
ord539
ord860
ord800
ord541
ord540
ord825
ord801
ord5651
ord3127
ord3616
ord3663
ord4278
ord6663
ord6877
ord4277
ord5442
ord823
ord3318
ord922
ord926
ord1979
ord6385
ord2818
ord665
ord5186
ord350
ord354
ord858
ord924
ord3811
ord535
ord537
ord4202
ord5683
ord668
ord3181
ord2781
ord2770
ord4129
ord356
ord538
ord6648
ord941
ord939
ord3178
ord4058
ord6883

msvcrt

_controlfp
_except_handler3
__set_app_type
__CxxFrameHandler
_mbscmp
strftime
localtime
time
fclose
fwrite
fopen
printf
_vsnprintf
_snprintf
_mbsrchr
strncpy
wcslen
_CxxThrowException
??1type_info@@UAE@XZ
__p__fmode
_onexit
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__dllonexit

msvcp60

??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c4f21a112681a4e1ec0b88c466ba89a

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

ole32

oleaut32

mfc42

msvcrt

msvcp60

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 16B

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 16B