fabe4499b965d612936972d55f880aa0ed50953d4abfb0ba66f57f9b5aba564f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fabe4499b965d612936972d55f880aa0ed50953d4abfb0ba66f57f9b5aba564f
Size

1.4MB
MD5

5c3e98bbd356519374669249a07ca599
SHA1

f62641a5330ae9f5881aa962bd7cfdc2f9bfb4a2
SHA256

fabe4499b965d612936972d55f880aa0ed50953d4abfb0ba66f57f9b5aba564f
SHA512

9eed5a684109d5eca113f49d86c8d90e86e626ca659004d3045b01e301915eb17f94d6b56f16b56f5beb4c06b95474551cd3fbefd7ebe272ba0af4df93ed4042
SSDEEP

24576:nyvOjcZbmuBTRLgRJCrHgYbteFtod9oy58eVqi8H9rHoZFe74pSiaNPxPRFVaMra:nLjaLg2DwFqdFuEppxaNxVaMra

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fabe4499b965d612936972d55f880aa0ed50953d4abfb0ba66f57f9b5aba564f

Files

fabe4499b965d612936972d55f880aa0ed50953d4abfb0ba66f57f9b5aba564f
.exe windows x86

98eaa5c52a94c6bc3736416e091b6cc6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
RtlUnwind
LCMapStringA
GetProcAddress
HeapCreate

user32

wsprintfA
CreateWindowExA
CloseWindow
CharLowerBuffA

advapi32

RegCloseKey
RegEnumKeyA
RegSetValueA
RegCreateKeyA

ole32

OleRun
CoRegisterClassObject
CoGetClassObject
CoMarshalInterface

Sections

.text
Size: 1.1MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 192KB - Virtual size: 481KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 118KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE