This program is packed using UPX and can be easily unpacked.
- Lab01-02.exe – https://virustotal.com/en/file/8bcbe24949951d8aae6018b87b5ca799efe47aeb623e6e5d3665814c6d59aeae/analysis/
At the start we see a call to ‘StartServiceCtrlDispatcher’ which is used to implement a service and the service control manager will call the service entry point provided. In here I have labeled the service entry point as ‘ServiceMain’. The name of the service created would be ‘Malservice’.