882a90f9cafcd70bebfc84dd30fbe030

General

Target

882a90f9cafcd70bebfc84dd30fbe030
Size

184KB
MD5

882a90f9cafcd70bebfc84dd30fbe030
SHA1

b48da5068c7d1150bef81b44cc109c008ca13faf
SHA256

f7cd3ffd38c5f10e4b6334ac8ae3434a45611dd04023a3360cdbc03e6aa5fee6
SHA512

db6e966242e2713af42098e02ae63c6ace22f27afb107d39b3ded3c5508faf83a6c0a884a027e2519937e04f10b3a130be90b87779285f46c1b5d8304dda36e1
SSDEEP

3072:9CkQGqAXLoh7ryYGnmSlscBRgR9ExeKHeoWxMB7DNkH/InNthgxYw/K3N:9CkQeXLoh7jvSlsURgR9Exe5xmDiHAZr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
882a90f9cafcd70bebfc84dd30fbe030

Files

882a90f9cafcd70bebfc84dd30fbe030
.exe windows:4 windows x86 arch:x86

52c645d2f81f0f0502c989aad3007a9f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
RegSetValueExA
RegCreateKeyExA
CloseServiceHandle
CreateServiceA
StartServiceA
OpenServiceA
DeleteService
OpenSCManagerA
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA

rpcrt4

UuidToStringA

shell32

SHGetSpecialFolderPathA

shlwapi

StrStrIA
SHGetValueA
SHEnumKeyExA
SHEnumValueA
SHSetValueA

user32

wsprintfA

ole32

CoCreateGuid
CoInitialize
CoCreateInstance

imagehlp

ImageNtHeader

kernel32

SleepEx
GetLocalTime
GetVersionExA
ExitProcess
GetFileAttributesExA
SetFileTime
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
GetModuleHandleA
GetStartupInfoA
GetSystemDirectoryA
lstrlenA
GetLastError
CloseHandle
CreateFileA
WideCharToMultiByte

msvcrt

__mb_cur_max
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
fwrite
fopen
isxdigit
strlen
sprintf
malloc
strcat
strcpy
memcpy
memset
isgraph
strerror
printf
ispunct
isalnum
isspace
tolower
islower
??2@YAPAXI@Z
wctomb
fclose
isupper
isalpha
free
memcmp
time
rand
strncpy
wcscpy
mbstowcs
srand
atoi
_exit
_XcptFilter

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

52c645d2f81f0f0502c989aad3007a9f

Headers

File Characteristics

Imports

advapi32

rpcrt4

shell32

shlwapi

user32

ole32

imagehlp

kernel32

msvcrt

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 108KB - Virtual size: 104KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 108KB - Virtual size: 104KB