7be819175da04b9000b4a835a669b95c

General

Target

7be819175da04b9000b4a835a669b95c
Size

185KB
MD5

7be819175da04b9000b4a835a669b95c
SHA1

ec2015795f5031d81c26dcacc7976698e643bb93
SHA256

24877b3834f38e39f62985b44f0b05607f2ead2f8b9731bbe66268c2e28678b7
SHA512

40fd9a0c2a294fba50e817780867ca5a77b5b2298ae367c6fcbaa773e0364431c63daf04e962b9613104e3d21b47307bb0d4680fd5f5e441aa6e5c5706e5c641
SSDEEP

3072:mA2P6DWsapG6j/riYQe1OSKkY9pnF76yTVRoIi/5CZZEkh49vm+D3aaF1gHK7/XI:mATUGkiYvI9nF7NroIiYZZbmNmcfVrJd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7be819175da04b9000b4a835a669b95c

Files

7be819175da04b9000b4a835a669b95c
.exe windows:4 windows x86 arch:x86

5f296c2f5b85886b6bd2b66cf781a223

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

advapi32

RegEnumKeyExW
DeregisterEventSource
ControlService
OpenSCManagerW
RegisterEventSourceW
ReportEventW
OpenProcessToken
SetServiceStatus
CloseServiceHandle
DeleteService
OpenServiceW
OpenThreadToken
CreateServiceW

kernel32

LoadLibraryExW
GetSystemTimeAsFileTime
QueryPerformanceCounter
FindAtomW
SetThreadPriority
LeaveCriticalSection
GetStartupInfoW
ResumeThread
GetProcAddress
DeviceIoControl
CreateFileW
GetTickCount
DeleteFileW
GetDriveTypeW
OpenThread
EnterCriticalSection
EnumResourceLanguagesW
GetCommandLineW
CreateDirectoryW
GetExitCodeThread
ReleaseMutex
FindNextFileW
GetConsoleCommandHistoryW
CopyFileW
GetCurrentProcessId
GetFileAttributesW
FindFirstFileW
GetModuleHandleA
OutputDebugStringW
SetPriorityClass
LoadResource
FindClose
ExitProcess
FindResourceW

gdi32

DeleteObject

setupapi

CM_Get_Sibling
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyA
CM_Get_DevNode_Status

Sections

.text
Size: 95KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f296c2f5b85886b6bd2b66cf781a223

Headers

File Characteristics

Imports

advapi32

kernel32

gdi32

setupapi

Sections

.text Size: 95KB - Virtual size: 238KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 86KB - Virtual size: 86KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 95KB - Virtual size: 238KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 86KB - Virtual size: 86KB

.rsrc
Size: 1024B - Virtual size: 4KB