fa0d61899be9904a3c8151d09c95c52609dbdd98740f7ea187986fe809e5cdcc

Sharing

Copy URL Twitter E-mail

General

Target

fa0d61899be9904a3c8151d09c95c52609dbdd98740f7ea187986fe809e5cdcc
Size

1.1MB
MD5

5e44a321a0152196b365e6a26deacc8f
SHA1

51ae25ef3fd5093871d6cdb7bf7f5e39ff2b3ba2
SHA256

fa0d61899be9904a3c8151d09c95c52609dbdd98740f7ea187986fe809e5cdcc
SHA512

f9b9a1f0f706d20892abcc94847924aad32ca66e53da0438e9e1874178c565ed87d30d3c11e3baafdf148127678e2002e65b602fdf78fb904ae5e9815e7a615c
SSDEEP

12288:uaPSPA6h1E5ryCOfleBNZWg98eI/YoRGxJU2azsaJvizSUF3uqI4Is:p6h53ANggHJ9ag0iuo3ub4I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa0d61899be9904a3c8151d09c95c52609dbdd98740f7ea187986fe809e5cdcc

Files

fa0d61899be9904a3c8151d09c95c52609dbdd98740f7ea187986fe809e5cdcc
.exe windows:5 windows x86

58772381eea7f458f2c8ca58b612c523

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalLock
GlobalAlloc
WriteConsoleW
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileW
FindFirstFileExW
GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocalTime
GetStdHandle
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
OutputDebugStringW
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
GetCPInfo
GetLocaleInfoW
LCMapStringW
GetSystemTimeAsFileTime
CreateEventW
GetStringTypeW
CreatePipe
SetHandleInformation
CreateMutexW
ReleaseMutex
lstrlenW
GetTempPathW
LocalFree
CreateFileA
GetThreadLocale
lstrcmpiW
WideCharToMultiByte
CreateDirectoryW
DosDateTimeToFileTime
SystemTimeToFileTime
DuplicateHandle
SetFileTime
SetFilePointer
WriteFile
GetFileType
GetCurrentProcess
CreateFileW
ReadFile
GetFileSize
FindResourceW
SizeofResource
LoadResource
ExitProcess
LockResource
FreeResource
GetCurrentDirectoryW
GetTickCount
GetLastError
MultiByteToWideChar
GetACP
MulDiv
InterlockedIncrement
SetUnhandledExceptionFilter
CloseHandle
Sleep
GetExitCodeProcess
FindClose
FindFirstFileW
CopyFileW
GetPrivateProfileStringW
GetCommandLineW
GetModuleFileNameW
DeleteFileW
InterlockedDecrement
InitializeCriticalSectionAndSpinCount
WTSGetActiveConsoleSessionId
CreateProcessW
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
LoadLibraryW
SetDllDirectoryW
GetProcAddress
GetModuleHandleW
EncodePointer
RtlUnwind
RaiseException
DecodePointer
WaitForSingleObject
ResumeThread
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
GetSystemDirectoryW

user32

MoveWindow
SetTimer
ShowWindow
DestroyWindow
ReleaseCapture
SetCapture
DefWindowProcW
CreateAcceleratorTableW
ReleaseDC
BeginPaint
EndPaint
InvalidateRect
InvalidateRgn
GetClientRect
ClientToScreen
ScreenToClient
FillRect
GetParent
CharNextW
SetCursor
IntersectRect
LoadCursorW
wvsprintfW
UnionRect
OffsetRect
GetMessageW
TranslateMessage
DispatchMessageW
PostMessageW
PostQuitMessage
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
SetWindowPos
IsRectEmpty
PtInRect
GetFocus
SendMessageW
SetFocus
IsWindow
GetWindowLongW
GetDC
MessageBoxW
GetGUIThreadInfo
SetWindowRgn
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetSysColor
GetCaretPos
SetCaretPos
ShowCaret
HideCaret
GetCaretBlinkTime
CreateCaret
GetWindowRgn
SetRect
DrawTextW
CharPrevW
IsIconic
IsZoomed
MapWindowPoints
GetCursorPos
GetUpdateRect
KillTimer
GetKeyState
GetActiveWindow
IsWindowVisible
GetMonitorInfoW
MonitorFromWindow
LoadImageW
GetWindow
GetWindowRect
GetPropW
SetPropW
GetSystemMetrics
EnableWindow
SetWindowLongW

gdi32

RoundRect
LineTo
GetTextExtentPoint32W
GetClipBox
GetCharABCWidthsW
CreateSolidBrush
CreateRectRgnIndirect
CreatePenIndirect
CombineRgn
CreateRoundRectRgn
GetObjectA
SetWindowOrgEx
GetObjectW
SelectClipRgn
SelectObject
SaveDC
RestoreDC
Rectangle
GetStockObject
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
CreateDIBSection
MoveToEx
TextOutW
ExtTextOutW
GdiFlush
CreateRectRgn
PtInRegion
CreatePatternBrush
GetTextMetricsW

shell32

ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
SHGetSpecialFolderPathW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CLSIDFromString
CLSIDFromProgID
OleLockRunning
CreateStreamOnHGlobal

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

gdiplus

GdipDeleteBrush
GdipCreateLineBrushI
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipSetInterpolationMode
GdipGraphicsClear
GdipDrawImage
GdipDrawImageRectI
GdipDeleteFontFamily
GdipCloneBrush
GdiplusShutdown
GdiplusStartup
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipDeleteFont
GdipGetFamily
GdipDrawString
GdipCreateStringFormat
GdipDeleteStringFormat
GdipSetStringFormatAlign
GdipFree
GdipAlloc
GdipGetPropertyItem
GdipGetPropertyItemSize
GdipImageSelectActiveFrame
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameDimensionsCount
GdipGetImageHeight
GdipGetImageWidth
GdipLoadImageFromStream
GdipSetStringFormatLineAlign

shlwapi

StrCmpW
PathFileExistsW
PathRemoveFileSpecW

comctl32

_TrackMouseEvent
ord17

imm32

ImmReleaseContext
ImmSetCompositionFontW
ImmSetCompositionWindow
ImmGetContext

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory

netapi32

NetApiBufferFree
NetUserGetInfo

advapi32

FreeSid
CheckTokenMembership
RegCloseKey
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyExW
AllocateAndInitializeSid

Sections

.text
Size: 558KB - Virtual size: 557KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 425KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

58772381eea7f458f2c8ca58b612c523

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

gdiplus

shlwapi

comctl32

imm32

wtsapi32

netapi32

advapi32

Sections

.text Size: 558KB - Virtual size: 557KB

.rdata Size: 152KB - Virtual size: 152KB

.data Size: 7KB - Virtual size: 21KB

.gfids Size: 1024B - Virtual size: 548B

.tls Size: 512B - Virtual size: 9B

_RDATA Size: 512B - Virtual size: 32B

.rsrc Size: 425KB - Virtual size: 424KB

.reloc Size: 29KB - Virtual size: 28KB

.text
Size: 558KB - Virtual size: 557KB

.rdata
Size: 152KB - Virtual size: 152KB

.data
Size: 7KB - Virtual size: 21KB

.gfids
Size: 1024B - Virtual size: 548B

.tls
Size: 512B - Virtual size: 9B

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 425KB - Virtual size: 424KB

.reloc
Size: 29KB - Virtual size: 28KB