Fondue[.]exe | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

Fondue.exe
Size

132KB
MD5

9b6ead5e06f0c61f9e569a6fccbde684
SHA1

90e053299c42b2df079bba9aa901f607df5158b2
SHA256

d61b30a1229479227788ba58efc2648a5faa02f522ae1d24cc9c9dc052a28945
SHA512

513732274111e3df4b11894ba59fb05f2873ec77d28fad6a4c4c5c448b8154dd28c8bc899ecf17490d5cb2c0e89b10ee5d0809112da79f79b13593ac8b3f0d34
SSDEEP

3072:2LiftLDtbEaznWfH22ZsuX2xKwMPTnaSrIrvDR:dftDRznWjZnXeKwMLnaqY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Fondue.exe

Files

Fondue.exe
.exe windows:10 windows x64 arch:x64

e8309e14fd0cd5d0959fcc7f5e47d546

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCurrentThreadId
GetVersionExW
ProcessIdToSessionId
FormatMessageW
GetLastError
LoadLibraryW
HeapSetInformation
GetProcAddress
GetCurrentProcessId
GetModuleHandleW

user32

IntersectRect
IsRectEmpty
GetForegroundWindow
CreateDesktopW
SetRect
GetMonitorInfoW
CloseDesktop
LoadStringW
GetThreadDesktop
SetThreadDesktop
GetSystemMetrics
MonitorFromWindow
MessageBoxW
EqualRect
GetWindowRect
SwitchDesktop
GetWindowBand
CopyRect

msvcrt

__set_app_type
_commode
?terminate@@YAXXZ
_wcmdln
__C_specific_handler
_initterm
_onexit
_lock
__setusermatherr
__wgetmainargs
_unlock
exit
_fmode
_cexit
_XcptFilter
_exit
__dllonexit
_amsg_exit
memcpy_s
_vsnwprintf
wcsstr
memset

api-ms-win-core-com-l1-1-0

CoUninitialize
CoInitializeSecurity

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetStartupInfoW
GetCurrentProcess

api-ms-win-core-errorhandling-l1-1-0

SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-synch-l1-1-0

WaitForSingleObjectEx
WaitForSingleObject
ReleaseMutex
OpenSemaphoreW
CreateMutexExW
ReleaseSemaphore
CreateSemaphoreExW
OpenMutexW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
GetModuleHandleExW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

ole32

CoInitialize

Sections

.text
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8309e14fd0cd5d0959fcc7f5e47d546

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msvcrt

api-ms-win-core-com-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-debug-l1-1-0

ole32

Sections

.text Size: 20KB - Virtual size: 17KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 2KB

.pdata Size: 4KB - Virtual size: 912B

.rsrc Size: 88KB - Virtual size: 86KB

.reloc Size: 4KB - Virtual size: 68B

.text
Size: 20KB - Virtual size: 17KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 2KB

.pdata
Size: 4KB - Virtual size: 912B

.rsrc
Size: 88KB - Virtual size: 86KB

.reloc
Size: 4KB - Virtual size: 68B