9eeeb5f562cd85244e00aa504d2f0fa66631346603a79f93b75a0b5d7518f977

General

Target

9eeeb5f562cd85244e00aa504d2f0fa66631346603a79f93b75a0b5d7518f977
Size

25KB
MD5

aade9196b786a0a96c51c9378d4632cb
SHA1

cab87d26ed8247167341372326e72c4c907e0fe3
SHA256

9eeeb5f562cd85244e00aa504d2f0fa66631346603a79f93b75a0b5d7518f977
SHA512

2480d1b7c8ca994e35ee22ef624452579972145f09de70869fe90fd093fbf206109f59b67a2f9ec587d7d13e4db590a0398c860307236d8eb771d33f17d32fd5
SSDEEP

384:NcWDacpLa1VfEJKBflcTos25e6v3OJKyTrmqBj7ORTr2fbc:+QHO1KJKJ8L6/+XNj28bc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9eeeb5f562cd85244e00aa504d2f0fa66631346603a79f93b75a0b5d7518f977

Files

9eeeb5f562cd85244e00aa504d2f0fa66631346603a79f93b75a0b5d7518f977
.exe windows:5 windows x64 arch:x64

35cc9faae2e04cf3ccae2dd287742c23

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

memset
wcscmp
memmove
wcslen
wcscpy
wcscat
strlen
memcpy
malloc
free
_vsnwprintf

kernel32

GetModuleHandleW
HeapCreate
HeapDestroy
ExitProcess
GetLastError
Sleep
CloseHandle
InitializeCriticalSection
GetModuleFileNameW
GetCommandLineW
SetCurrentDirectoryW
GetCurrentDirectoryW
HeapFree
WriteFile
HeapAlloc
HeapReAlloc
AllocConsole
GetStdHandle
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
SetConsoleTitleW
FreeConsole
DeleteCriticalSection
WriteConsoleW
GetNumberOfConsoleInputEvents
ReadConsoleInputW
MultiByteToWideChar
WideCharToMultiByte

advapi32

StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerW
SetServiceStatus
OpenSCManagerW
OpenServiceW
DeleteService
CloseServiceHandle
RegDeleteKeyW
RegConnectRegistryW
ControlService
RegCreateKeyW
RegSetValueExW
RegCloseKey
CreateServiceW
ChangeServiceConfig2W
QueryServiceStatus

winmm

timeBeginPeriod

Sections

.code
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 899B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35cc9faae2e04cf3ccae2dd287742c23

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

winmm

Sections

.code Size: 5KB - Virtual size: 5KB

.text Size: 10KB - Virtual size: 9KB

.rdata Size: 1024B - Virtual size: 899B

.pdata Size: 1024B - Virtual size: 756B

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.code
Size: 5KB - Virtual size: 5KB

.text
Size: 10KB - Virtual size: 9KB

.rdata
Size: 1024B - Virtual size: 899B

.pdata
Size: 1024B - Virtual size: 756B

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB