7dd4d442768b07e5a42f72fe9ff2ee2e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7dd4d442768b07e5a42f72fe9ff2ee2e
Size

31KB
MD5

7dd4d442768b07e5a42f72fe9ff2ee2e
SHA1

af26dbfc4b70ec98c956737408b3d6bf1336d592
SHA256

b064e4048bced10069b1a75f639e85cc63a8da0bb0375ff5836b0646f81d9e93
SHA512

f2418ebd3d2a736fc7106878afcc3231670eb601152ba3b34a2ea7e21d554b176dce4f12758697d10e0ea833b01fe880ddc96cee2b74fa787b2fe5b6fe8de12f
SSDEEP

768:KtUhExlSKjtFrGgTpeR+De86PlTbzg/B7Hx8HUCTqq57:KtU8SmtFSWMkiwrxXCTTx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7dd4d442768b07e5a42f72fe9ff2ee2e

Files

7dd4d442768b07e5a42f72fe9ff2ee2e
.exe windows:4 windows x86 arch:x86

62c961a8f27e8feaf438db9eb835bd15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceA
GetProcAddress
LoadLibraryA
Sleep
GetModuleHandleA
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
Process32Next
Process32First
GetCurrentProcess
LockResource
GetLastError
DeviceIoControl
MoveFileA
GetWindowsDirectoryA
DeleteFileA
FreeLibrary
CopyFileA
lstrcatW
GetWindowsDirectoryW
GetVersionExA
GlobalFree
LoadLibraryExA
GlobalAlloc
GetSystemDirectoryA
CreateFileA
SizeofResource
WriteFile
CloseHandle
GetModuleFileNameA
FreeResource

advapi32

OpenSCManagerA
OpenServiceA
StartServiceA
CloseServiceHandle
RegCreateKeyA
ControlService

shell32

ShellExecuteA

msvcrt

exit
fclose
fprintf
fopen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ