7276b4c8540b094043827ace3c38acd342b944f0465bd1b160d5aea9ef5d7d2f

General

Target

7276b4c8540b094043827ace3c38acd342b944f0465bd1b160d5aea9ef5d7d2f
Size

6KB
MD5

6fc2f41bc385618b7a3a5e530e384842
SHA1

645730ea24db1780b9cbb7049139f23bac9d3766
SHA256

7276b4c8540b094043827ace3c38acd342b944f0465bd1b160d5aea9ef5d7d2f
SHA512

2df2625fe6880054deda9cb72739621d1223b0b70b45c89116036fedf31b016d0811181a5e9f2d46435aca4119a7997fe52ab1258cb41718f21064c769b1c2fe
SSDEEP

96:F9JQDuT55hRT/cKjvNWqAdm7wugrsSCDN9rjAYpWmcEWsoZRWwG:B5hRT/1DNWqAEawSCDNZjXpLWLZRW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7276b4c8540b094043827ace3c38acd342b944f0465bd1b160d5aea9ef5d7d2f

Files

7276b4c8540b094043827ace3c38acd342b944f0465bd1b160d5aea9ef5d7d2f
.exe windows:5 windows x86 arch:x86

65c671ceb0b11db8465b234d0378ce10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

cisvc.pdb

Imports

query

??0CException@@QAE@XZ
CiSvcMain
?SystemExceptionTranslator@@YAXIPAU_EXCEPTION_POINTERS@@@Z

ntdll

RtlUnwind
NtOpenProcessToken
NtAdjustPrivilegesToken
NtClose

msvcrt

_c_exit
_exit
_XcptFilter
_cexit
exit
_CxxThrowException
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_controlfp
?terminate@@YAXXZ
__CxxFrameHandler
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
__winitenv

advapi32

StartServiceCtrlDispatcherW

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetErrorMode

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

65c671ceb0b11db8465b234d0378ce10

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

query

ntdll

msvcrt

advapi32

kernel32

Sections

.text Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 904B

.rsrc Size: 1024B - Virtual size: 33KB

.text
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 904B

.rsrc
Size: 1024B - Virtual size: 33KB