96d15a7241473e7677c6348b0b5bf469

General

Target

96d15a7241473e7677c6348b0b5bf469
Size

33KB
MD5

96d15a7241473e7677c6348b0b5bf469
SHA1

3199925148cfbfe577ec674afe2432e01d1537ac
SHA256

89b2b711b7efc8fa8eb0257cb124f04e3bab3b1958cd5bf57c479643f382eaaf
SHA512

0aff2c19436b559a96da25ca1e85abc83f577193b013b23fbb4c74f5cb46164f7999257b8cc5722d4379ab258dc083a8e7bfc6740cb22ffc3df6658b95e5a471
SSDEEP

384:mKaMuz4R9TpvacqQC7e+zK1J5f15+XIpfaFVfTuT3b7aKtrDGOB:j1Pp+H8Xvv5aby2KBBB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96d15a7241473e7677c6348b0b5bf469

Files

96d15a7241473e7677c6348b0b5bf469
.exe windows:5 windows x86 arch:x86

5abadc64605687b5ba0d40f0bdc65517

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WaitForSingleObject
GetModuleFileNameA
GetLastError
CreateEventA
GetExitCodeProcess
TerminateProcess
SetEvent
GetSystemDirectoryA
CreateProcessA
Sleep
GetACP
GetCommandLineA
GetVersion
GetCPInfo
ExitProcess
GetOEMCP
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapAlloc
HeapFree
VirtualAlloc
GetProcAddress
LoadLibraryA
FlushFileBuffers
SetFilePointer
SetStdHandle

advapi32

StartServiceCtrlDispatcherA
OpenServiceA
ControlService
QueryServiceStatus
DeleteService
OpenSCManagerA
CreateServiceA
RegisterServiceCtrlHandlerA
SetServiceStatus
CloseServiceHandle

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 943B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5abadc64605687b5ba0d40f0bdc65517

Headers

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 1024B - Virtual size: 943B

.data Size: 11KB - Virtual size: 15KB

.idata Size: 1KB - Virtual size: 1KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 1024B - Virtual size: 943B

.data
Size: 11KB - Virtual size: 15KB

.idata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 3KB - Virtual size: 2KB