b8071eae0c6365907a13fd031696cae3

Sharing

Copy URL

Twitter E-mail

General

Target

b8071eae0c6365907a13fd031696cae3
Size

56KB
MD5

b8071eae0c6365907a13fd031696cae3
SHA1

22fe3dcd3d18ceab9190ad7504b083e22c003d8e
SHA256

6476f676d84a4cdfecf70b71caab63bd51d8a89b6e93f0bcf03a2cf7da8383ee
SHA512

0f2384a396564320e388291a1ab74f72d2b573f5e63f4b479dcdf420620d5d8cbf9c338451659bba4190b37752d7464f879bab3def75a7ea3049ea0525cb62ca
SSDEEP

768:S+PyQpxlxzdo7nM0GmB+QKXuuWMaV7GEWqtgnXZgOWvlOyXmplV0CvN:7aOxlxzkM0JB+y/M2gUyWdlOiulV0i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8071eae0c6365907a13fd031696cae3

Files

b8071eae0c6365907a13fd031696cae3
.exe windows:4 windows x86 arch:x86

e69a9ce0bcc323c35f601e70ed24d664

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
LoadResource
FindResourceA
FindResourceExA
CloseHandle
FlushFileBuffers
WriteFile
CreateFileA
GetSystemDirectoryA
GetModuleHandleA
DeviceIoControl
SizeofResource
MapViewOfFile
CreateFileMappingA
GetVolumeInformationA
DeleteFileA
GetWindowsDirectoryA
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
LoadLibraryA
GetFileType
SetHandleCount
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
RtlUnwind
GetStartupInfoA
GetCommandLineA
HeapCreate
VirtualFree
IsBadWritePtr
GetProcAddress
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
SetUnhandledExceptionFilter
GetOEMCP
GetCPInfo
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW

user32

wsprintfA

advapi32

OpenSCManagerA
OpenServiceA
ControlService
DeleteService
CloseServiceHandle
CreateServiceA
StartServiceA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e69a9ce0bcc323c35f601e70ed24d664

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 11KB