a0ced38edff293ab6be73204e7dc0f28 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a0ced38edff293ab6be73204e7dc0f28
Size

20KB
MD5

a0ced38edff293ab6be73204e7dc0f28
SHA1

1fef5dc16e5dda900ad7336dc9d61327470db5dd
SHA256

e22e53a9592971c2f1727f3b83f3048a067ee76bc154d786a2da389c6dbdc8a0
SHA512

d01a3689b735aedfb93e25d304360ffcefe2ee49e2e0c981394e93d8349659d8f2d365983badc378ab535ea5ab70bc539f3030f27521111c37e18d7d84f079db
SSDEEP

96:N4y+OdFAFFemu30lYzHiyGhdhnR45XojeMA4RbNBbmn9ENf6:N4yvFA/emu30lYDiyCbnsXojeM5rNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a0ced38edff293ab6be73204e7dc0f28

Files

a0ced38edff293ab6be73204e7dc0f28
.exe windows:4 windows x86 arch:x86

48c7f91b6d42abd4116cb9ca95a9b131

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
ControlService
StartServiceA
DeleteService
OpenServiceA
CloseServiceHandle
CreateServiceA
OpenSCManagerA

msvcrtd

strrchr
exit
_exit
_XcptFilter
strcpy
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strcat
printf
memset
atoi
_iob
fprintf
__p___initenv
_stricmp

kernel32

GetVersionExA
LoadLibraryA
GetProcAddress
GetModuleFileNameA
GetLastError
FormatMessageA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rol
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE