cbe1af15792892c94ac3f29ba677001a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cbe1af15792892c94ac3f29ba677001a
Size

65KB
MD5

cbe1af15792892c94ac3f29ba677001a
SHA1

d992a9394b7f18426f814f61baca7d76c9112c08
SHA256

56d0b0a1486f27861038d956c97d59593825f4ffc77de95fdfd309361c7a008b
SHA512

00f49c017a8ec45cf429c776ddfc51a4938b81020bdbc371d66773a23da4f16eac4442eafb2747e2ea83c4fbddc432cf1a592833d5bdf1040d9062ba497fbf17
SSDEEP

768:R/GltJW1Lji3MagUmcnkkIZs0tmm0woxlMYDnIFDoxs7ZDye+mTmzkz0mav5Zz25:RNdUmWA3x0PxDoDyZmKzm0pxIWYwIvCq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbe1af15792892c94ac3f29ba677001a

Files

cbe1af15792892c94ac3f29ba677001a
.dll windows:4 windows x86 arch:x86

366891020079c4e8fc5dd34a3fd3df64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
DeleteFileA
GetEnvironmentVariableA
WriteFile
ReadFile
SetFilePointer
CreateFileA
SetFileTime
CreateProcessA
GetWindowsDirectoryA
ResumeThread
SuspendThread
TerminateThread
WaitForSingleObject
GetLastError
CreateThread
CloseHandle
GetFileTime

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA

msvcrt

rand
srand
time
free
malloc
_initterm
_adjust_fdiv

Exports

Exports

ServiceMain

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 854B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ