FastCopy[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

FastCopy.exe
Size

608KB
MD5

bc19cfcccf901ea7d54f1b94a7584380
SHA1

ca63e7a6ed3f8a02a8319dd599932ed00c2e6a05
SHA256

46c5a073126a984a9226bb339772b8521160ad34596b257fd7271c4eac4c820b
SHA512

86af0b0281a8798055fa666f4d7bcd5d909a92709464dc669501013d41f860eea6a3dab2a5b1cb0a219a5237709c0cada175bfd93d53828d5bb4f86b543c9c4c
SSDEEP

12288:es4WRqkmtCi1GbAQLeWbH1mZikKICEZXbsLC1:eBWRqk8j1GbAQi41OJK6Zb1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
FastCopy.exe

Files

FastCopy.exe
.exe windows x64

b014b422302eb2a4dc7d0e75b32ed6e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CreateHardLinkW
SetPriorityClass
GetCommandLineW
SetSystemPowerState
GetCurrentProcess
GetThreadLocale
CreatePipe
CreateMutexA
DuplicateHandle
OpenProcess
ProcessIdToSessionId
TzSpecificLocalTimeToSystemTime
GetUserDefaultLCID
SetDllDirectoryA
GetCurrentProcessId
SetThreadExecutionState
GetSystemTime
GetStdHandle
ReleaseMutex
AttachConsole
WriteConsoleW
GetTempPathW
CreateProcessW
RemoveDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetSystemDefaultLCID
GetProcAddress
FreeLibrary
UnmapViewOfFile
OpenMutexA
CreateFileMappingA
MapViewOfFile
DeviceIoControl
FindFirstChangeNotificationW
GetVolumeNameForVolumeMountPointW
FindCloseChangeNotification
FindNextChangeNotification
SetThreadLocale
VirtualFree
VirtualAlloc
GetSystemDirectoryW
GetModuleHandleA
SetEvent
GetVersionExA
GlobalAlloc
GlobalFree
LoadLibraryW
GlobalLock
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
CreateMutexW
GetModuleFileNameA
WriteConsoleA
OutputDebugStringA
GetCurrentThreadId
RtlCaptureStackBackTrace
GetExitCodeThread
OutputDebugStringW
CreateFileA
RaiseException
BackupWrite
CreateThread
IsBadReadPtr
SetUnhandledExceptionFilter
ExitProcess
SizeofResource
FindResourceA
LockResource
LoadResource
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
GetProcessHeap
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
LCMapStringW
GetStringTypeW
GetFileType
HeapFree
HeapReAlloc
HeapAlloc
GetACP
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
LoadLibraryExW
EncodePointer
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
CreateEventW
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
GetModuleHandleW
VirtualQuery
VirtualProtect
GetSystemInfo
BackupSeek
BackupRead
GetFileSize
SetLastError
ReadFile
FlushFileBuffers
SetFileAttributesW
SetEndOfFile
SetFilePointer
GetFileTime
GetDriveTypeW
CreateEventA
TlsFree
SystemTimeToTzSpecificLocalTime
TlsGetValue
SystemTimeToFileTime
DeleteCriticalSection
GetOverlappedResult
GetLocalTime
TlsAlloc
TerminateThread
GetCurrentThread
FileTimeToSystemTime
GetLastError
LocalFileTimeToFileTime
FormatMessageW
GetFileInformationByHandle
Sleep
ResumeThread
SuspendThread
WaitForSingleObject
FindClose
InitializeCriticalSection
LeaveCriticalSection
SetThreadPriority
SetFileTime
GetDiskFreeSpaceW
FindNextFileW
EnterCriticalSection
TlsSetValue
GetFileSizeEx
FindFirstFileExW
CancelIo
GetVolumeInformationW
MoveFileW
CopyFileW
MoveFileExW
CloseHandle
DeleteFileW
GetFileAttributesW
CreateFileW
GetModuleFileNameW
WriteFile
GetFullPathNameW
CreateDirectoryW

user32

GetWindowPlacement
EndDialog
DeferWindowPos
CreateDialogParamW
EndPaint
BeginPaint
IsDialogMessageW
GetMessageA
PostMessageW
DispatchMessageA
DestroyWindow
IsWindowVisible
MessageBoxW
SetActiveWindow
SetWindowLongPtrW
SetWindowTextW
GetScrollInfo
GetWindowLongPtrW
TranslateAcceleratorA
GetDlgItemTextA
DispatchMessageW
SetTimer
CallWindowProcA
PeekMessageW
GetWindowTextA
SetDlgItemTextW
SetWindowTextA
AttachThreadInput
GetDlgItemTextW
SendDlgItemMessageW
MoveWindow
DefWindowProcA
TranslateAcceleratorW
TranslateMessage
SetDlgItemTextA
GetDlgItemInt
IsDialogMessageA
PeekMessageA
CheckDlgButton
SetDlgItemInt
UpdateWindow
SetForegroundWindow
InvalidateRect
IsIconic
GetWindowTextW
LoadStringA
LoadStringW
MessageBoxA
GetFocus
GetDlgCtrlID
CharLowerW
GetMenuState
CallWindowProcW
GetWindow
SetWindowPos
CreateWindowExW
SendMessageA
CharUpperW
PostMessageA
EnableWindow
GetCursorPos
ReleaseDC
PtInRect
EnableMenuItem
EndDeferWindowPos
DefWindowProcW
DialogBoxParamW
IsWindow
BeginDeferWindowPos
RegisterClassW
RegisterClassA
KillTimer
AppendMenuW
PostQuitMessage
GetMessageW
GetClientRect
GetDlgItem
CheckMenuItem
SystemParametersInfoA
InsertMenuW
DrawMenuBar
SendDlgItemMessageA
SetFocus
DestroyMenu
FlashWindow
IsDlgButtonChecked
BringWindowToTop
GetClassNameW
AppendMenuA
DrawTextW
GetParent
LoadCursorA
RegisterWindowMessageA
LoadAcceleratorsA
SetClassLongPtrA
GetSysColor
SetCapture
SetCursor
LoadIconA
GetWindowLongPtrA
GetMenuStringA
SetWindowLongPtrA
ReleaseCapture
ModifyMenuA
GetWindowThreadProcessId
GetWindowTextLengthW
ModifyMenuW
GetKeyState
MonitorFromPoint
GetWindowRect
GetMenu
GetDC
GetMenuItemCount
DeleteMenu
ScreenToClient
SendMessageW
GetSystemMetrics
CreatePopupMenu
TrackPopupMenu
GetSubMenu
ShowWindow
GetMonitorInfoW
ClientToScreen
IsChild
GetForegroundWindow
IsWindowEnabled

gdi32

SelectObject
GetObjectA
SetBkColor
CreateSolidBrush
GetDeviceCaps
LPtoDP
DeleteObject
DPtoLP
CreateFontIndirectW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

advapi32

LookupPrivilegeValueA
RegCloseKey
RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
CryptDestroyKey
CryptVerifySignatureA
CryptImportKey
CryptAcquireContextA
InitiateSystemShutdownExA
LookupAccountNameW
AddAccessAllowedAce
GetUserNameW
InitializeAcl
SetNamedSecurityInfoW
OpenProcessToken
CryptCreateHash
AdjustTokenPrivileges
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptGenRandom

ole32

CoUninitialize
CreateStreamOnHGlobal
PropVariantClear
CoInitialize
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

msimg32

GradientFill

dbghelp

MiniDumpWriteDump

wininet

InternetConnectA
HttpSendRequestA
InternetCloseHandle
InternetReadFile
HttpAddRequestHeadersA
InternetCrackUrlA
HttpOpenRequestA
HttpQueryInfoA
InternetOpenA

Sections

.text
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b014b422302eb2a4dc7d0e75b32ed6e6

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

msimg32

dbghelp

wininet

Sections

.text Size: 366KB - Virtual size: 365KB

.rdata Size: 127KB - Virtual size: 126KB

.data Size: 11KB - Virtual size: 222KB

.pdata Size: 19KB - Virtual size: 19KB

.rsrc Size: 77KB - Virtual size: 76KB

.text
Size: 366KB - Virtual size: 365KB

.rdata
Size: 127KB - Virtual size: 126KB

.data
Size: 11KB - Virtual size: 222KB

.pdata
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 77KB - Virtual size: 76KB