50f1a0091f6dd5354f5418d089e201df

General

Target

50f1a0091f6dd5354f5418d089e201df
Size

17KB
MD5

50f1a0091f6dd5354f5418d089e201df
SHA1

f849a796e07ee53af8b9c757257d284c590df410
SHA256

def840a04d6295802222aaabcae14e0fc267ac898f70da7034307b6cde49ce75
SHA512

bfbd92673c157368645ae2f077b9fbbc166161f4162a486fc6a82a03f77b921e2a70c1191e2b0758c9179cf55520898e01d78e3d9a2928814c469ab7110a3d0b
SSDEEP

384:Pu7YPH1EusstlCqQpiVijI7kAR73jEMOVWe+8WHDrW:PtH1xsKCqHVijkR79OZY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
50f1a0091f6dd5354f5418d089e201df

Files

50f1a0091f6dd5354f5418d089e201df
.exe windows:4 windows x86 arch:x86

4c65a009dd62be9fa29a1eea57f38218

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

kernel32

GetProcAddress
GetModuleHandleA
lstrcpyA
lstrlenA
FreeResource
WriteFile
SizeofResource
SetFilePointer
CreateFileA
LockResource
SetLastError
FindResourceA
GetLastError
GetCurrentProcess
Sleep
GetTickCount
GetCurrentThread
TerminateProcess
GetFileAttributesA
lstrcatA
lstrcatW
MultiByteToWideChar
GetSystemDirectoryA
GetProcessHeap
HeapFree
HeapAlloc
WideCharToMultiByte
OpenProcess
lstrcmpiA
ReadProcessMemory
lstrcmpiW
CloseHandle
lstrcpynA
LoadResource

user32

ExitWindowsEx
wsprintfA

advapi32

OpenThreadToken
OpenServiceA
StartServiceA
OpenSCManagerA
CreateServiceA
CloseServiceHandle
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
LookupPrivilegeValueA
OpenProcessToken
QueryServiceStatus
AdjustTokenPrivileges

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c65a009dd62be9fa29a1eea57f38218

Headers

DLL Characteristics

File Characteristics

Imports

rpcrt4

kernel32

user32

advapi32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: - Virtual size: 62B

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: - Virtual size: 62B

.rsrc
Size: 8KB - Virtual size: 8KB