46860db37bc93d965808f4bab3fd2a5c

General

Target

46860db37bc93d965808f4bab3fd2a5c
Size

28KB
MD5

46860db37bc93d965808f4bab3fd2a5c
SHA1

c6bfd9aad6a22c5ac3f73e0e5d5d8eb5b5291442
SHA256

9ae4bc16427d0e20b3017308a976805e9596690fa550ba2b2a6ff6cb922657ee
SHA512

42f84226d9dbe12aad6813b8cea43d55b5b6ee0a5ec161c3f3ade577ccacbec93a80677c8a6180ed17755e99619b055c89fd641ce80e3cd299b0a2d01959bf26
SSDEEP

384:bYuInteLO/YP/rss/zmlwkO/yyltj8ehKV5o5z:+83PTd/x/y6tj8ehw5o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46860db37bc93d965808f4bab3fd2a5c

Files

46860db37bc93d965808f4bab3fd2a5c
.exe windows:4 windows x86 arch:x86

bbe70565182b13a547b90d46e1c07aca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileA
GetFileAttributesExA
HeapFree
GetProcessHeap
HeapAlloc
GetModuleFileNameA
SetFilePointer
WriteFile
MultiByteToWideChar
WideCharToMultiByte
ExpandEnvironmentStringsA
CloseHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetStringTypeA
LCMapStringW
GetStringTypeW
LoadLibraryA
GetProcAddress
LCMapStringA
GetModuleHandleA
CreateFileA
FreeEnvironmentStringsW
GetEnvironmentStrings
HeapReAlloc
VirtualAlloc
GetCPInfo
VirtualFree
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetACP
SetHandleCount
RtlUnwind
GetOEMCP
GetEnvironmentStringsW
GetStdHandle
GetFileType
HeapDestroy
HeapCreate

user32

DispatchMessageA
TranslateMessage
RegisterWindowMessageA
SetTimer
KillTimer
DefWindowProcA
LoadCursorA
RegisterClassExA
GetMessageA
CreateWindowExA
GetClassInfoA
FindWindowA

advapi32

StartServiceA
QueryServiceStatus
OpenSCManagerA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegEnumValueA
RegDeleteValueA
RegQueryValueExA
ChangeServiceConfigA
QueryServiceConfigA
CloseServiceHandle
OpenServiceA
CreateServiceA

shell32

ShellExecuteA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

bbe70565182b13a547b90d46e1c07aca

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 16KB - Virtual size: 14KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 3KB

.text
Size: 16KB - Virtual size: 14KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 3KB