Static task: static1
Behavioral task: behavioral1
Sample: 3c15f8429ecc7049d0832e4b61b36b87.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 3c15f8429ecc7049d0832e4b61b36b87.exe
Resource: win10v2004-20231222-en
General
Target: 3c15f8429ecc7049d0832e4b61b36b87
Size: 17KB
MD5: 3c15f8429ecc7049d0832e4b61b36b87
SHA1: ddf39f2d09878aa0f51180d2e6628d73cc8b7225
SHA256: 7b1d7056f3347c141e7c8fc8db9f94696bf841204cefecfc11a8c5ce0af61b12
SHA512: fcdc3fefa8a68d5c89a7705c2da2891ee99bf6ceeac3c03988985b7663fc88443a614a4998b67b6f6dd6644c95f95ea82825f2d75f86c35480fdc127614db5ca
SSDEEP: 192:QcuKI6WjEPX7gQuaGAmyxg3J2ZB8vI8X8sgecNrGQ8Mwn/qShE6FriEr4vODBo:QfAWgPX7gxaAYlB8Asw0Q8MhciLo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3c15f8429ecc7049d0832e4b61b36b87
Files
3c15f8429ecc7049d0832e4b61b36b87.exe windows:4 windows x86 arch:x86
412fccc98ab9603392f5c05b2be24d24
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceA
ExitProcess
GetProcAddress
LoadLibraryA
CopyFileA
GetModuleFileNameA
GetModuleHandleA
Sleep
GetLastError
DeviceIoControl
LoadResource
DeleteFileA
GetWindowsDirectoryA
FreeLibrary
GlobalFree
LoadLibraryExA
GlobalAlloc
lstrcatW
GetWindowsDirectoryW
GetVersionExA
LockResource
GetSystemDirectoryA
CreateFileA
SizeofResource
WriteFile
CloseHandle
MoveFileA
FreeResource
advapi32
OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
RegCreateKeyA
RegSetValueExA
ControlService
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 958B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ