8bc6f6c8620ed5ca5e99ad346436abf1

General

Target

8bc6f6c8620ed5ca5e99ad346436abf1
Size

91KB
MD5

8bc6f6c8620ed5ca5e99ad346436abf1
SHA1

0fbc03a0e88a6353fb096e9b4c1e4e705b3b4284
SHA256

cb85676cd163b81f187049d773446880a0447efef9b7b2320714de89224c1a2c
SHA512

c0ccd539c42f33122c3e9667a897d7f5405fd5e78ed7be6512152bf2b320dc1605321558ae17d409d4ed1b2523751c97e847ab368763dd0b1cd39faa38cb0c1f
SSDEEP

1536:DP18URxrECqCh45FAlHeTsI8YJTRq+ogAd7okBn:DeURCfCh4+HeR2gAd7okBn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8bc6f6c8620ed5ca5e99ad346436abf1

Files

8bc6f6c8620ed5ca5e99ad346436abf1
.exe windows:4 windows x86 arch:x86

a891b1e589107233eb46e8f7b5b198ca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetLocalTime
MultiByteToWideChar
HeapFree
WideCharToMultiByte
SetLastError
lstrcpyA
GetSystemDirectoryA
lstrlenA
lstrcatA
FindResourceA
LoadResource
FreeResource
CreateFileA
WriteFile
CloseHandle
Sleep
SizeofResource
GetLastError
GetProcessHeap
HeapAlloc
GetModuleHandleA
GetProcAddress

user32

wsprintfA

advapi32

GetLengthSid
ControlService
DeleteService
RegQueryValueExA
CreateServiceA
OpenSCManagerA
OpenServiceA
CloseServiceHandle
StartServiceA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
RegCloseKey
LookupAccountNameA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
InitializeAcl
GetAce
EqualSid
AddAce
GetUserNameA
SetFileSecurityA
GetSecurityDescriptorControl
SetSecurityDescriptorDacl
AddAccessAllowedAce
QueryServiceStatus

shlwapi

SHDeleteKeyA

netapi32

NetUserGetLocalGroups
NetApiBufferFree

msvcrt

_except_handler3
strchr
memcpy
memset
strlen
_stricmp

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a891b1e589107233eb46e8f7b5b198ca

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

netapi32

msvcrt

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 936B

.rsrc Size: 84KB - Virtual size: 88KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 936B

.rsrc
Size: 84KB - Virtual size: 88KB