fa579f8669a97c756965acbd048b61d82f28afa074644d26bec4de313a0056d4

Sharing

Copy URL Twitter E-mail

General

Target

fa579f8669a97c756965acbd048b61d82f28afa074644d26bec4de313a0056d4
Size

4.4MB
MD5

810e6648c54a0c665fa3079832dc7c07
SHA1

25c8c91cdad46147ca160728ea41c91b9167d866
SHA256

fa579f8669a97c756965acbd048b61d82f28afa074644d26bec4de313a0056d4
SHA512

37ce0f5929cc4e0028da5aa35219708ecfbddb1c5c92b287c97bb6f3792ec2ebfd8db6588eb499d996b8642d6843f6ab62e9b22573dce2a095f0c9d1bf23a8cf
SSDEEP

98304:geDGer/TINVrnnFFmveLXoatN0eZHgPa:f/T2VDFzKeZAPa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa579f8669a97c756965acbd048b61d82f28afa074644d26bec4de313a0056d4

Files

fa579f8669a97c756965acbd048b61d82f28afa074644d26bec4de313a0056d4
.exe windows x64

fa248a7f681f82d9e139cf24ffe78369

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetVersion
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

MsgWaitForMultipleObjects

advapi32

RegEnumKeyExA

ole32

CoInitialize

oleaut32

VariantClear

shlwapi

PathIsDirectoryA

ws2_32

getsockname

netapi32

NetWkstaGetInfo

winmm

timeGetDevCaps

Sections

.text
Size: 191KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.FEFE0
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.FEFE1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.FEFE2
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa248a7f681f82d9e139cf24ffe78369

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

ws2_32

netapi32

winmm

Sections

.text Size: 191KB - Virtual size: 190KB

.rdata Size: 65KB - Virtual size: 65KB

.data Size: 25KB - Virtual size: 46KB

.pdata Size: 11KB - Virtual size: 10KB

.FEFE0 Size: 1.8MB - Virtual size: 1.8MB

.FEFE1 Size: 2KB - Virtual size: 2KB

.FEFE2 Size: 2.3MB - Virtual size: 2.3MB

.reloc Size: 3KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 191KB - Virtual size: 190KB

.rdata
Size: 65KB - Virtual size: 65KB

.data
Size: 25KB - Virtual size: 46KB

.pdata
Size: 11KB - Virtual size: 10KB

.FEFE0
Size: 1.8MB - Virtual size: 1.8MB

.FEFE1
Size: 2KB - Virtual size: 2KB

.FEFE2
Size: 2.3MB - Virtual size: 2.3MB

.reloc
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 3KB