882dbe0d9d5a27e458fc36ae69c2a363 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

882dbe0d9d5a27e458fc36ae69c2a363
Size

50KB
MD5

882dbe0d9d5a27e458fc36ae69c2a363
SHA1

0d8381280c61e18b2dd2014ba6b6afe1b3d35b75
SHA256

35fbb086b33cfc52a0ae6cf96e9ef24467e9501f24ba5804a0769938d1341ede
SHA512

e881a74c492a573289f95f4675986b67c6592cd8b6ecfbe079584f4c0e3fa03da06993b6e0acdbc1118f9039779388a02fc6d89f1faba6d7aba9265b98722bc8
SSDEEP

768:W5EdYSfe837yHRV5CwTfed3Hv9EPAml8jCcAhc4/VAp44N6tmJ5gYG:W5EdY6e8yHRrCwC7eR8WcAF54N6trt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
882dbe0d9d5a27e458fc36ae69c2a363

Files

882dbe0d9d5a27e458fc36ae69c2a363
.exe windows:4 windows x86 arch:x86

fed544956f15f5072e602d9311f06e24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
GetLastError
GetShortPathNameA
WinExec
GetStartupInfoA
GetModuleHandleA
lstrcatA
GetEnvironmentVariableA
GetModuleFileNameA
SetLastError
lstrcmpiA
lstrcpyA
lstrlenA
FindResourceA
GetProcAddress
CreateFileA
WriteFile
FreeResource
CloseHandle
ExitProcess
LoadResource
LoadLibraryA
GetSystemDirectoryA

user32

wsprintfA

advapi32

CreateServiceA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA
OpenSCManagerA
CloseServiceHandle

shell32

ShellExecuteA

msvcrt

_exit
rand
memset
??2@YAPAXI@Z
memcpy
strchr
??3@YAXPAX@Z
srand
_except_handler3
__CxxFrameHandler
_CxxThrowException
??1type_info@@UAE@XZ
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ