Static task: static1
Behavioral task: behavioral1
Sample: 3a16a687d5d0abd69e0e0c07be9c43ea.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3a16a687d5d0abd69e0e0c07be9c43ea.exe
Resource: win10v2004-20231222-en
General
Target: 3a16a687d5d0abd69e0e0c07be9c43ea
Size: 17KB
MD5: 3a16a687d5d0abd69e0e0c07be9c43ea
SHA1: 6470558da02ab2db09a6281723f131bd496aca13
SHA256: 9d1ea8ab427905dc611d08d3bfb6c9d2581d69dbeed19aa9cc05f95f3250d54d
SHA512: 32b702af728eada1b09d3079b713705c921c261cdfc737086b2af35c154973906f281daa398c72505f70706b0f22b499ff6f41b1703ff65beabfd009cea1bdb7
SSDEEP: 384:oFjpcuddCkjFms7t4hRLjSb8+hhp2MRL7gLKCe/y:o9p7dw8a2b8+hhrz/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3a16a687d5d0abd69e0e0c07be9c43ea
Files
3a16a687d5d0abd69e0e0c07be9c43ea.exe windows:4 windows x86 arch:x86
cc4f0452db07a4f9dad95e0fd48a467a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
SizeofResource
CreateFileA
LoadResource
FindResourceA
GetLastError
DeviceIoControl
FreeLibrary
CloseHandle
LoadLibraryExA
GlobalAlloc
ReadFile
GetFileSize
SetFileAttributesA
lstrcatA
GetSystemDirectoryA
MultiByteToWideChar
LoadLibraryA
GetProcAddress
GetVersion
GlobalFree
GetModuleHandleA
HeapAlloc
HeapFree
GetStartupInfoA
GetCommandLineA
ExitProcess
GetProcessHeap
advapi32
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
StartServiceA
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ