504f04ac1c0ebee4e97546da5784f76d

General

Target

504f04ac1c0ebee4e97546da5784f76d
Size

72KB
MD5

504f04ac1c0ebee4e97546da5784f76d
SHA1

5b73a46add232921de088b7a24cb6742cd4ac275
SHA256

19477b28f88d5f3685306047689484dc8fc97daafbd3daa61487d0a13ced55a0
SHA512

1e1ffe0596d83c9348dc8cf3dd5e4d8151e15015b9a4fc69c6dba9c648ac40b30aa09f7147b64292f0d4e6d3bb0517af2c5791db9ca1f8f07a388a65b782e2e0
SSDEEP

1536:YP6oN+iMRMuFnToIfGNvxQQvJ0ehEdfDYsvYBRaAosy:YP6oN+iMntTBfGSYsvYBEA+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
504f04ac1c0ebee4e97546da5784f76d

Files

504f04ac1c0ebee4e97546da5784f76d
.dll windows:4 windows x86 arch:x86

39d714abcad5c71eface686086daf12c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
Sleep
ReadFile
CreateProcessA
GetProcAddress
LoadLibraryA
GetStartupInfoA
CloseHandle
CreatePipe
FindNextFileA
GetLastError
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
DeleteFileA
GetCurrentProcess
SetLastError
lstrlenA
Process32Next
GetPriorityClass
OpenProcess
Module32First
lstrcpyA
WaitForSingleObject
MoveFileExA
GetModuleFileNameA
GetTickCount
SetThreadPriority
GetCurrentThread
GetFileSize
CreateFileA
WriteFile
FreeConsole
Process32First
MoveFileA
GetTempPathA
GlobalMemoryStatus
GetVersionExA
GetComputerNameA
InterlockedExchange
HeapAlloc
GetCurrentProcessId
GetCurrentThreadId
RaiseException
LocalAlloc

msvcrt

??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
_except_handler3
atoi
strcspn
strstr
??3@YAXPAX@Z
_ftol
wcstombs
rand
srand
malloc
??1type_info@@UAE@XZ
__dllonexit
_onexit
free
_initterm
_adjust_fdiv
strncpy
sprintf
strncat
_strlwr
_strcmpi

Exports

Exports

HaHaUninstawl
Install
RunInstall
ServiceMain

Sections

.text
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

39d714abcad5c71eface686086daf12c

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 65KB - Virtual size: 64KB

.rsrc Size: 1024B - Virtual size: 728B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 65KB - Virtual size: 64KB

.rsrc
Size: 1024B - Virtual size: 728B

.reloc
Size: 3KB - Virtual size: 3KB