FastCopy[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

FastCopy.exe
Size

653KB
MD5

c8bfce5adc7e7bbf2f9960ca8c7ecdc0
SHA1

f466832a3552e97465006fb050bbbbddb40fdbb7
SHA256

e93a5be2845360ad5709180990b7c4116fd977b3c3f3123d8732ea20a47715f5
SHA512

64025192d2ed1a2d403189a6de46c4c8ae294e1899370dc9029adc49fc2e7b369edd00c75020db2d0ba41fb4d6801923a1279cc4a8c347b081fd1a7a031f52bf
SSDEEP

12288:BOR7sbuS9WRdB0eS/ZgJ9Pcx88nNTJtapZXbsHyT:87sbuS9WRdB0ecgLPF8nNTJEZDT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
FastCopy.exe

Files

FastCopy.exe
.exe windows x64

32b454fe3045e50c3917e888266df023

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetSystemPowerState
GetCurrentProcess
GetThreadLocale
CreatePipe
CreateMutexA
DuplicateHandle
OpenProcess
ProcessIdToSessionId
TzSpecificLocalTimeToSystemTime
SetDllDirectoryA
GetCurrentProcessId
SetThreadExecutionState
GetSystemTime
GetLongPathNameW
GetFileAttributesExW
GetStdHandle
ReleaseMutex
AttachConsole
WriteConsoleW
GetTempPathW
CreateProcessW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetSystemDefaultLCID
GetProcAddress
FreeLibrary
UnmapViewOfFile
OpenMutexA
CreateFileMappingA
MapViewOfFile
DeviceIoControl
RemoveDirectoryW
FindFirstChangeNotificationW
GetVolumeNameForVolumeMountPointW
FindCloseChangeNotification
FindNextChangeNotification
SetThreadLocale
FindFirstFileW
FindFirstFileExW
GetSystemDirectoryW
GlobalAlloc
GlobalFree
LoadLibraryW
GlobalLock
GetModuleHandleW
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
CreateMutexW
VirtualFree
VirtualAlloc
SetEvent
GetVersionExA
GetEnvironmentStringsW
WriteConsoleA
OutputDebugStringA
OutputDebugStringW
SetPriorityClass
RtlCaptureStackBackTrace
GetExitCodeThread
RaiseException
CreateThread
IsBadReadPtr
SetUnhandledExceptionFilter
SizeofResource
FindResourceA
LockResource
LoadResource
HeapSize
GetConsoleMode
GetConsoleCP
SetFilePointerEx
GetProcessHeap
GetStringTypeW
SetStdHandle
FreeEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LCMapStringW
GetFileType
HeapFree
HeapReAlloc
HeapAlloc
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
EncodePointer
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
VirtualQuery
VirtualProtect
GetSystemInfo
CreateHardLinkW
GetFileSizeEx
BackupWrite
BackupSeek
BackupRead
GetFileSize
ReadFile
FlushFileBuffers
SetFileAttributesW
SetEndOfFile
SetFilePointer
GetFileTime
GetDriveTypeW
CreateEventA
TlsFree
SystemTimeToTzSpecificLocalTime
TlsGetValue
SystemTimeToFileTime
DeleteCriticalSection
GetOverlappedResult
GetLocalTime
TlsAlloc
TerminateThread
GetCurrentThread
FileTimeToSystemTime
GetLastError
LocalFileTimeToFileTime
FormatMessageW
GetFileInformationByHandle
Sleep
ResumeThread
SuspendThread
GetCurrentThreadId
WaitForSingleObject
FindClose
InitializeCriticalSection
LeaveCriticalSection
SetThreadPriority
SetFileTime
GetDiskFreeSpaceW
FindNextFileW
EnterCriticalSection
SetLastError
TlsSetValue
GetCommandLineW
CancelIo
GetVolumeInformationW
MoveFileW
CopyFileW
MoveFileExW
CloseHandle
DeleteFileW
GetUserDefaultLCID
GetFileAttributesW
CreateFileW
GetModuleFileNameW
WriteFile
GetFullPathNameW
ExitProcess
CreateDirectoryW

user32

EndDialog
DeferWindowPos
CreateDialogParamW
EndPaint
BeginPaint
DialogBoxParamW
DefWindowProcW
GetMessageA
PostMessageW
DispatchMessageA
DestroyWindow
IsWindowVisible
MessageBoxW
SetActiveWindow
SetWindowLongPtrW
SetWindowTextW
GetScrollInfo
GetWindowLongPtrW
TranslateAcceleratorA
GetDlgItemTextA
DispatchMessageW
SetTimer
CallWindowProcA
PeekMessageW
GetWindowTextA
SetDlgItemTextW
SetWindowTextA
AttachThreadInput
GetDlgItemTextW
SendDlgItemMessageW
MoveWindow
DefWindowProcA
TranslateAcceleratorW
TranslateMessage
SetDlgItemTextA
GetDlgItemInt
GetWindowPlacement
IsWindow
CheckDlgButton
SetDlgItemInt
UpdateWindow
SetForegroundWindow
InvalidateRect
IsIconic
GetWindowTextW
MessageBoxA
LoadStringW
GetFocus
GetDlgCtrlID
CharLowerW
GetMenuState
CallWindowProcW
GetWindow
SetWindowPos
CreateWindowExW
BringWindowToTop
GetClassNameW
DrawTextW
GetParent
SendMessageA
PostMessageA
CharUpperW
EnableWindow
GetCursorPos
ReleaseDC
PtInRect
BeginDeferWindowPos
IsDialogMessageW
IsDialogMessageA
GetClientRect
EndDeferWindowPos
RegisterClassW
RegisterClassA
EnableMenuItem
KillTimer
PostQuitMessage
PeekMessageA
GetMessageW
AppendMenuW
GetDlgItem
CheckMenuItem
SystemParametersInfoA
InsertMenuW
DrawMenuBar
SendDlgItemMessageA
SetFocus
DestroyMenu
FlashWindow
IsDlgButtonChecked
GetMenuItemID
LoadCursorA
RegisterWindowMessageA
LoadAcceleratorsA
SetClassLongPtrA
GetSysColor
GetMenuStringW
SetCapture
SetCursor
LoadIconA
GetWindowLongPtrA
SetWindowLongPtrA
ReleaseCapture
GetWindowThreadProcessId
GetWindowTextLengthW
ModifyMenuW
GetKeyState
MonitorFromPoint
GetWindowRect
GetMenu
GetDC
GetMenuItemCount
DeleteMenu
ScreenToClient
SendMessageW
GetSystemMetrics
CreatePopupMenu
TrackPopupMenu
GetSubMenu
ShowWindow
GetMonitorInfoW
ClientToScreen
IsChild
GetForegroundWindow
IsWindowEnabled

gdi32

SelectObject
GetObjectA
SetBkColor
CreateSolidBrush
GetDeviceCaps
LPtoDP
DeleteObject
DPtoLP
CreateFontIndirectW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

advapi32

LookupPrivilegeValueA
RegCloseKey
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
CryptDestroyKey
CryptVerifySignatureA
CryptImportKey
CryptAcquireContextA
InitiateSystemShutdownExA
LookupAccountNameW
AddAccessAllowedAce
GetUserNameW
InitializeAcl
SetNamedSecurityInfoW
OpenProcessToken
CryptCreateHash
AdjustTokenPrivileges
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptGenRandom

ole32

CoUninitialize
CoTaskMemAlloc
PropVariantClear
CoInitialize
CoCreateInstance
CoTaskMemFree
CreateStreamOnHGlobal

msimg32

GradientFill

dbghelp

MiniDumpWriteDump

wininet

InternetReadFile
InternetSetOptionW
InternetConnectA
HttpSendRequestA
InternetCloseHandle
InternetOpenA
HttpAddRequestHeadersA
InternetCrackUrlA
HttpOpenRequestA
HttpQueryInfoA

Sections

.text
Size: 400KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 223KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32b454fe3045e50c3917e888266df023

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

msimg32

dbghelp

wininet

Sections

.text Size: 400KB - Virtual size: 400KB

.rdata Size: 134KB - Virtual size: 134KB

.data Size: 11KB - Virtual size: 223KB

.pdata Size: 21KB - Virtual size: 20KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 78KB - Virtual size: 77KB

.text
Size: 400KB - Virtual size: 400KB

.rdata
Size: 134KB - Virtual size: 134KB

.data
Size: 11KB - Virtual size: 223KB

.pdata
Size: 21KB - Virtual size: 20KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 78KB - Virtual size: 77KB