4eefa90c7dbb836c17429e77c1ff17d1

General

Target

4eefa90c7dbb836c17429e77c1ff17d1
Size

176KB
MD5

4eefa90c7dbb836c17429e77c1ff17d1
SHA1

73589013d5ed9f7c843b5a482e7e61d2fe588c8b
SHA256

7daa151a39ed2b018265a91b849183f2c78bc0272129c45ebda60ac179dd7ebc
SHA512

eec6170c7e19e74c1a584c12384ef356beb102a7d55c9fa6cbb9e309755c3d9b8b2a166259d86b612021a562e28fb09b83fcb82ba2499016445310524addd26e
SSDEEP

3072:gQgCLst6XFrfotc6fx7LhlxuWuB2415VxUifbuKAwi15L:bJLdFctckRmH5jDfbuKAwi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4eefa90c7dbb836c17429e77c1ff17d1

Files

4eefa90c7dbb836c17429e77c1ff17d1
.exe windows:4 windows x86 arch:x86

069787f227b391ff2c25c1dda1d38efd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileExA
DeleteFileA
WinExec
CopyFileA
GetWindowsDirectoryA
ExitProcess
CloseHandle
HeapFree
GetProcessHeap
GetLastError
GetTempPathA
GetModuleHandleA
GetCurrentProcess
lstrlenA
GetLocalTime
GetTickCount
FindResourceA
LoadResource
LockResource
SizeofResource
CreateFileA
WriteFile
Process32Next
LoadLibraryA
GetProcAddress
GetModuleFileNameA
OutputDebugStringA
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeA
LCMapStringW
LCMapStringA
FreeLibrary
LocalAlloc
InterlockedExchange
RaiseException
GetFileAttributesA
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
SetEndOfFile
ReadFile
GetStringTypeW

advapi32

ChangeServiceConfigA
LockServiceDatabase
UnlockServiceDatabase
ControlService
StartServiceA
OpenProcessToken
LookupPrivilegeValueA
OpenServiceA
RegCreateKeyA
RegOpenKeyA
RegSetValueExA
RegCloseKey
OpenSCManagerA
CreateServiceA
ChangeServiceConfig2A
CloseServiceHandle
GetUserNameA

netapi32

NetApiBufferFree
NetUserGetLocalGroups

Sections

.text
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

069787f227b391ff2c25c1dda1d38efd

Headers

File Characteristics

Imports

kernel32

advapi32

netapi32

Sections

.text Size: 32KB - Virtual size: 29KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 32KB - Virtual size: 29KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 120KB - Virtual size: 120KB