67b1097bf2866488f87112f3723d45c3

General

Target

67b1097bf2866488f87112f3723d45c3
Size

84KB
MD5

67b1097bf2866488f87112f3723d45c3
SHA1

a377b2fdabb34749cfe9d0f8fb18e9eb20b63765
SHA256

f224b0678fb21584d8f49fc1efe5a837389a892491517523dd653012342c5479
SHA512

06af4294c97bc9cd5d63fce724d941daf6b8f95d9ef80d0d8c64bb27585c2dd4dceed7c006dbc3d1dcf57683bf198a402a9fb7f0d6fe73d00e6452b64e89479b
SSDEEP

1536:+Se2WFTWRzFF9s4KxmPWTDyawXykDNg5BEzsy:+UW1WRzFFy46FTGawNDNsqsy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67b1097bf2866488f87112f3723d45c3

Files

67b1097bf2866488f87112f3723d45c3
.exe windows:4 windows x86 arch:x86

51cb74b2ee69678de7bf4ecc63e20388

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

StartServiceCtrlDispatcherA
ChangeServiceConfig2A
StartServiceA
CloseServiceHandle
CreateServiceA
OpenSCManagerA
SetServiceStatus
RegisterServiceCtrlHandlerA

kernel32

CreateProcessA
SetStdHandle
SetFilePointer
GetLocaleInfoA
GetSystemInfo
VirtualProtect
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
RtlUnwind
RaiseException
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersionExA
DebugBreak
GetProcAddress
LoadLibraryA
HeapFree
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
ExitProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
WriteFile
HeapAlloc
GetProcessHeap
CloseHandle
FreeLibrary
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
VirtualAlloc
HeapReAlloc
IsBadWritePtr
IsBadReadPtr
HeapValidate
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
VirtualQuery
InterlockedExchange
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
QueryPerformanceCounter
GetTickCount
FlushFileBuffers

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
SysStringLen
SysFreeString

Sections

.text
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

51cb74b2ee69678de7bf4ecc63e20388

Headers

File Characteristics

Imports

advapi32

kernel32

ole32

oleaut32

Sections

.text Size: 64KB - Virtual size: 60KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 4KB - Virtual size: 7KB

.text
Size: 64KB - Virtual size: 60KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 4KB - Virtual size: 7KB