c474ca55c707ceb36fff9e5b8a8bd59e

Sharing

Copy URL Twitter E-mail

General

Target

c474ca55c707ceb36fff9e5b8a8bd59e
Size

16KB
MD5

c474ca55c707ceb36fff9e5b8a8bd59e
SHA1

9b93616aab8e86ff9e5cb3439a157ef8c8e4ae7d
SHA256

47dca6f0de6e640d3ce254ee2d47a3b39353fa72417036e46ca4b620f612e99b
SHA512

02541c062be8382cd1e10217f00ecc7cd60b4cfdd462ad3a97ec1a44ce9f9a5648c00804fdc5a73d17f39a5a1c0e747c88d099dac24134334d9d8adc603e827f
SSDEEP

192:0qSXgb6rVPF8K/NfC4bEy5o3ypLNIZsw7x92PVG5POYyRV1LxMxIjRSLiTZ:nSXO6LFfZbVo3owpyH1NGURSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c474ca55c707ceb36fff9e5b8a8bd59e

Files

c474ca55c707ceb36fff9e5b8a8bd59e
.exe .vbs windows:4 windows x86 arch:x86 polyglot

98e4ee6924a82994a57a4dbf75b12d9b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

ChangeServiceConfigA
CloseServiceHandle
ControlService
EnumServicesStatusExA
GetUserNameA
OpenSCManagerA
OpenServiceA
QueryServiceConfigA
QueryServiceStatusEx
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
StartServiceA

kernel32

FormatMessageA
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetTickCount
HeapAlloc
HeapFree
LocalAlloc
LocalFree
Sleep

mpr

WNetAddConnection2A
WNetCancelConnection2A

cc3260mt

@_InitTermAndUnexPtrs$qv
___CRTL_MEM_UseBorMM
___CRTL_TLS_Alloc
___CRTL_TLS_ExitThread
___CRTL_TLS_Free
___CRTL_TLS_GetValue
___CRTL_TLS_InitThread
___CRTL_TLS_SetValue
__argc
__argv
__argv_default_expand
__exitargv
__handle_exitargv
__handle_setargv
__handle_wexitargv
__handle_wsetargv
__matherr
__matherrl
__setargv
__startup
__wargv_default_expand
_exit
_memcpy
_memset
_printf
_sprintf
_strchr
_strlen

Exports

Exports

__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98e4ee6924a82994a57a4dbf75b12d9b

Headers

File Characteristics

Imports

advapi32

kernel32

mpr

cc3260mt

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.data Size: 5KB - Virtual size: 8KB

.tls Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

.data
Size: 5KB - Virtual size: 8KB

.tls
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB