9a6bb09e998fcebad5e687dec29f092f

General

Target

9a6bb09e998fcebad5e687dec29f092f
Size

68KB
MD5

9a6bb09e998fcebad5e687dec29f092f
SHA1

0e598798997ee986c8bd2d782852725219d6c0b6
SHA256

ea3a3e04e82988607a4fceb8a3103ecfc42570d4a4347581fdfc744674b6aa3e
SHA512

5a58915dbe41c12557a2e9f0372a161b7bc5d2115a0f3d7a9dbae0c61fbd604fa1c7224e366137dd1b03dd1c11dab644f1a21071f734031e81d076859d0e8a8d
SSDEEP

384:qODbV6HkMoZv33UcbCdExWE0i6O2nrIP4pcXkadF2yfCs7gDLBdC:qgvCdPxiGrIP4pcUaGyf37g7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a6bb09e998fcebad5e687dec29f092f

Files

9a6bb09e998fcebad5e687dec29f092f
.exe windows:4 windows x86 arch:x86

307183453b1f056ebd35b8e9e68e94f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeA
CreateThread
ExitProcess
CloseHandle
GetLastError
CreateMutexA
GetCurrentThreadId
MoveFileExA
WriteFile
CreateFileA
MapViewOfFile
CreateFileMappingA
GetModuleFileNameA
GetCurrentProcess
UnmapViewOfFile
DeviceIoControl
Module32Next
GetModuleHandleA
Module32First
CreateToolhelp32Snapshot
OpenProcess
Process32Next
lstrcmpiA
Process32First
GetWindowsDirectoryA
DeleteFileA
FreeLibrary
SetFileAttributesA
GetSystemDirectoryA
GetFileAttributesA
CopyFileA
WinExec
Sleep
GetTempPathA
GetTempFileNameA
LoadLibraryA
GetFileSize
GetProcAddress

user32

GetMessageA
PostThreadMessageA
GetInputState
MessageBoxA

advapi32

QueryServiceStatus
CreateServiceA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenSCManagerA
OpenServiceA
CloseServiceHandle
RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
StartServiceA

shell32

ShellExecuteA

msvcrt

fprintf
_onexit
__dllonexit
strncpy
sprintf
fputs
fclose
_strcmpi
fopen

Sections

.text
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

307183453b1f056ebd35b8e9e68e94f2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

msvcrt

Sections

.text Size: 8KB - Virtual size: 6KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 44KB - Virtual size: 43KB

.CRT Size: 4KB - Virtual size: 4B

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 8KB - Virtual size: 6KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 44KB - Virtual size: 43KB

.CRT
Size: 4KB - Virtual size: 4B

.rsrc
Size: 4KB - Virtual size: 1KB