fde03536f669a2d7d034ad6611a061a1[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

fde03536f669a2d7d034ad6611a061a1.exe
Size

643KB
MD5

fde03536f669a2d7d034ad6611a061a1
SHA1

bc44aabb2f9313f531e5b0d2d51070487f825a95
SHA256

adf8190b181215fc719cbe698ff54e458e8eb1abed9d480a1f9fb67b81a75b18
SHA512

54bd0309853d61ee67a500dfbf1ecbb839e36ce0fbd60c95fe2c49b3f44294907be0ac122b677b04964be5149af47c82e8fbd92e9fb2fa7b4854b0561f26e264
SSDEEP

12288:zfPNOdlm9zzggSy8riKcKqxPxutgOCmSauB3R/gYnTwb3nXV:zH0dK0gS3wKCYtHCmM/VOl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fde03536f669a2d7d034ad6611a061a1.exe

Files

fde03536f669a2d7d034ad6611a061a1.exe
.exe windows x86

ad08401f57f66d3b7a49e8ebdb071b95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_GetIcon

kernel32

InterlockedExchange
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
WideCharToMultiByte
MultiByteToWideChar
RaiseException
GetLastError
InitializeCriticalSection
DeleteCriticalSection
lstrlenA
CompareStringA
CompareStringW
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
FreeLibrary
LoadLibraryA
SetLastError
LocalFree
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CloseHandle
GetVolumeInformationA
ExpandEnvironmentStringsA
LocalFileTimeToFileTime
SystemTimeToFileTime
CreateFileA
ReadFile
WriteFile
SetFilePointer
CreateDirectoryA
GetProcAddress
GetCurrentDirectoryA
GetModuleFileNameA
GetComputerNameA
SetFileTime
RemoveDirectoryA
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetDriveTypeA
GetTickCount
SetEnvironmentVariableA
SetStdHandle
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetTimeZoneInformation
GetFileType
GetStdHandle
SetHandleCount
FlushFileBuffers
LCMapStringW
LCMapStringA
GetCPInfo
GetOEMCP
IsBadWritePtr
VirtualFree
HeapCreate
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
LocalAlloc
HeapDestroy
HeapReAlloc
HeapSize
ExitProcess
RtlUnwind
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
GetModuleHandleA
TerminateProcess
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetCurrentProcessId

user32

MessageBoxA
CreateWindowExA
LookupIconIdFromDirectoryEx
CreateIconFromResourceEx
RegisterClassExA
CallWindowProcA
GetWindowLongA
DefWindowProcA
DestroyIcon
DestroyWindow
LoadCursorA
wsprintfA
GetClassInfoExA
IsWindow
SetWindowLongA
UnregisterClassA

shell32

SHGetFileInfoA
Shell_NotifyIconA

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ad08401f57f66d3b7a49e8ebdb071b95

Headers

File Characteristics

Imports

comctl32

kernel32

user32

shell32

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 68KB - Virtual size: 64KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 68KB - Virtual size: 64KB