375505cd463465336711f8473d81b288

Sharing

Copy URL Twitter E-mail

General

Target

375505cd463465336711f8473d81b288
Size

72KB
MD5

375505cd463465336711f8473d81b288
SHA1

15aea6d3cb312a8ec3283ad15201a265981b4dc3
SHA256

bdcd2dc5bd5edaa04a3cc13a95eb0fcaae9abd6e939c2bd3aec2c1ea87e7b091
SHA512

41b10320afb08f6685aeef31cc4b9f0b86554feca879f582128adc7196801c9f3bea3eca9697987c48370e286312a9622714be62e5c2dd186fef40621d98466e
SSDEEP

1536:y4C04Zl1UCqZm61/qkMLovi/+aFRcHsIlcI:y4CFcz1/qnzQMIlcI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
375505cd463465336711f8473d81b288

Files

375505cd463465336711f8473d81b288
.exe windows:4 windows x86 arch:x86

f4b7bd1af0f0aed7a3bd28119f317d9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetSystemTimeAsFileTime
GetPrivateProfileSectionA
FlushFileBuffers
SetStdHandle
GetCurrentThreadId
GetLastError
Sleep
GetModuleFileNameA
GetShortPathNameA
MapViewOfFile
CreateFileMappingA
CreateProcessA
CreateDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
GetWindowsDirectoryA
GetVersionExA
CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
OpenProcess
WideCharToMultiByte
RaiseException
RtlUnwind
HeapFree
GetCommandLineA
HeapAlloc
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetCPInfo
ExitProcess
TerminateProcess
GetCurrentProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetACP
GetOEMCP
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
IsBadReadPtr
IsBadCodePtr
InterlockedExchange
SetFilePointer

advapi32

RegisterServiceCtrlHandlerA
RegQueryInfoKeyA
StartServiceCtrlDispatcherA
SetServiceStatus
ControlService
DeleteService
StartServiceA
QueryServiceStatus
CreateServiceA
ChangeServiceConfig2A
RegCreateKeyA
RegSetValueExA
RegCloseKey
OpenSCManagerA
OpenServiceA
CloseServiceHandle
DeregisterEventSource
GetUserNameA
CreateProcessAsUserA
OpenProcessToken

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f4b7bd1af0f0aed7a3bd28119f317d9a

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 880B

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 880B