a3ae139c7eaaa146ee4971653cfc78d5

General

Target

a3ae139c7eaaa146ee4971653cfc78d5
Size

180KB
MD5

a3ae139c7eaaa146ee4971653cfc78d5
SHA1

9c4706d5aa182eeb08a7f71583a55aa1c789eed0
SHA256

a2131faf5dd80d4db568da8bdd535d940e5b68c8bc4911dee1a079176be52ce1
SHA512

82c671ba31a1ec8aaacaaeab83394e12603344664270bee5b041624a792838373e3dd6784082c0aa237af27be73ddaa74214a078b3edc8b6337261deea47a81a
SSDEEP

3072:2idTltXrQNBFdFNXCkCXjITvQtGnwhgf724kYhJG1:jdJ1QTFdzCkykTBpf72zz1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a3ae139c7eaaa146ee4971653cfc78d5

Files

a3ae139c7eaaa146ee4971653cfc78d5
.exe windows:4 windows x86 arch:x86

ba068b4f4e613bf6143c69c184445e97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

UuidToStringA

shell32

SHGetSpecialFolderPathA

ole32

CoCreateGuid
CoCreateInstance
CoInitialize

advapi32

RegSetValueExA
StartServiceA
RegCreateKeyExA
CreateServiceA
OpenSCManagerA
DeleteService
RegCloseKey
RegOpenKeyExA
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
CloseServiceHandle
OpenServiceA

user32

wsprintfA

shlwapi

SHGetValueA
SHEnumKeyExA
SHSetValueA
StrStrIA
SHEnumValueA

msvcrt

memcpy
memset
time
memcmp
wctomb
__mb_cur_max
isalpha
printf
strlen
islower
??2@YAPAXI@Z
isalnum
isupper
ispunct
isspace
tolower
fwrite
fclose
fopen
atoi
strncpy
wcscpy
mbstowcs
sprintf
srand
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
strerror
isgraph
isxdigit
rand
strcpy
strcat
free
malloc

imagehlp

ImageNtHeader

kernel32

GetVersionExA
GetLocalTime
SleepEx
lstrlenA
GetModuleHandleA
ExitProcess
GetLastError
FindFirstFileA
GetFileAttributesA
GetPrivateProfileStringA
FindNextFileA
WideCharToMultiByte
GetSystemDirectoryA
GetFileAttributesExA
CreateFileA
SetFileTime
CloseHandle
GetStartupInfoA

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ba068b4f4e613bf6143c69c184445e97

Headers

File Characteristics

Imports

rpcrt4

shell32

ole32

advapi32

user32

shlwapi

msvcrt

imagehlp

kernel32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 104KB - Virtual size: 102KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 104KB - Virtual size: 102KB