047be9f191630899753167b733db1a82

Sharing

Copy URL

Twitter E-mail

General

Target

047be9f191630899753167b733db1a82
Size

122KB
MD5

047be9f191630899753167b733db1a82
SHA1

d851454f4fabf163333758536b04d6431ceecc23
SHA256

e56e5e390a12344cd66aff9d96a9d335ad96e2bd02612e9047b5d26612ae61dc
SHA512

8ba278594381e0429aa10622a7f23d2863429fbeca5302008ba7d75bc1bb4bef732ac2017c243ffb46e0fd2789e1d4e53eb60bb9e9fca4cc724bc68084c1e5ce
SSDEEP

3072:70G3+jaoRFUFYcfSCRTnke4jrjE//WP27KgWB:70g+jao0F/Rrke47E//nI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ForMeNot.exe

Files

047be9f191630899753167b733db1a82
.zip
ForMeNot.exe
.exe windows:4 windows x86 arch:x86

bfd241df775948bd33554261d9a059bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameA
PathFindExtensionA
PathIsUNCA
PathFileExistsA
PathStripToRootA
PathRenameExtensionA

kernel32

GetTimeFormatA
GetDateFormatA
GetStartupInfoA
GetCommandLineA
ExitProcess
RaiseException
RtlUnwind
HeapReAlloc
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEnvironmentVariableA
lstrlenA
GetSystemTimeAsFileTime
GetLocaleInfoA
HeapAlloc
HeapFree
GetFileTime
GetFileAttributesA
FileTimeToLocalFileTime
SetErrorMode
WideCharToMultiByte
CompareStringW
GetACP
MultiByteToWideChar
InterlockedExchange
lstrcmpiA
GetThreadLocale
CompareStringA
GetVersionExA
GetVersion
SizeofResource
LockResource
LoadResource
FindResourceA
CreateMutexA
GetLastError
GetTickCount
GetModuleFileNameA
lstrcpynA
GetShortPathNameA
lstrcpyA
GetLocalTime
SetLastError
LocalFree
FormatMessageA
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
GlobalFree
FreeResource
GetProcAddress
GetModuleHandleA
GlobalAddAtomA
GlobalGetAtomNameA
lstrcatA
WritePrivateProfileStringA
FileTimeToSystemTime
GetOEMCP
GetCPInfo
GlobalFlags
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
lstrcmpW
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomA
GetCurrentThreadId
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
CreateFileA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
GetCurrentProcess
DuplicateHandle
CloseHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
InterlockedDecrement
GetCurrentThread
EnumResourceLanguagesA
lstrcmpA
ConvertDefaultLocale

user32

EndPaint
LoadCursorA
GetDCEx
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ShowOwnedPopups
GetMessageA
TranslateMessage
ValidateRect
SetMenuItemBitmaps
ModifyMenuA
GetMenuCheckMarkDimensions
LoadBitmapA
MoveWindow
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
GetMenuItemInfoA
CreateDialogIndirectParamA
GetNextDlgTabItem
EndDialog
SetWindowsHookExA
CallNextHookEx
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
IsChild
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
RegisterClassA
UnregisterClassA
SetWindowPlacement
DefWindowProcA
CallWindowProcA
GetWindowPlacement
RegisterWindowMessageA
DestroyMenu
GetClassNameA
WinHelpA
SetFocus
GetFocus
EqualRect
GetDlgItem
GetKeyState
GetDlgCtrlID
UnpackDDElParam
ReuseDDElParam
GetClassInfoA
SetCursor
PeekMessageA
GetCapture
LoadAcceleratorsA
IsIconic
InsertMenuItemA
IntersectRect
SetMenu
ShowWindow
GetWindow
InvalidateRect
SetRectEmpty
CharUpperA
LoadMenuA
LoadIconA
GetDesktopWindow
LockWindowUpdate
DeferWindowPos
IsWindow
wsprintfA
EnableWindow
PostQuitMessage
CreatePopupMenu
GetSubMenu
DeleteMenu
PtInRect
ReleaseDC
AdjustWindowRectEx
SetWindowPos
SetWindowLongA
TranslateAcceleratorA
TranslateMDISysAccel
CreateWindowExA
GetActiveWindow
DrawMenuBar
GetMenu
DefFrameProcA
MessageBoxA
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
GetMenuState
IsWindowVisible
EnableMenuItem
AppendMenuA
GetCursorPos
SetForegroundWindow
PostMessageA
SetActiveWindow
InsertMenuA
CopyRect
GetSysColorBrush
FillRect
GetSysColor
InflateRect
FrameRect
RedrawWindow
SendMessageA
GetClientRect
IsZoomed
BringWindowToTop
ShowScrollBar
SetTimer
GetMenuItemID
GetMenuItemCount
AdjustWindowRect
GetDC
SetRect
OffsetRect
GetWindowRect
GetAsyncKeyState
WindowFromPoint
ReleaseCapture
CheckMenuItem
SetCapture
ScreenToClient
GetSystemMetrics
DrawIconEx
SystemParametersInfoA
GetClassLongA
SetClassLongA
DestroyIcon
SetParent
LoadImageA
GetParent
UpdateWindow
FlashWindow
KillTimer

gdi32

SetBkMode
SetMapMode
ExcludeClipRect
IntersectClipRect
SelectClipRgn
CreateRectRgn
GetPixel
PtVisible
RectVisible
TextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
RestoreDC
SetWindowExtEx
ScaleWindowExtEx
CreatePatternBrush
SetRectRgn
CombineRgn
GetBkColor
SaveDC
CreateBitmap
PatBlt
CreateRectRgnIndirect
ExtTextOutA
BitBlt
SetBkColor
SetTextColor
GetClipBox
GetTextMetricsA
GetCharWidthA
CreateFontA
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
StretchDIBits
DeleteDC
GetDeviceCaps
CreateSolidBrush
GetTextExtentPoint32A
Rectangle
SelectObject
CreateFontIndirectA
ScaleViewportExtEx
GetStockObject
GetObjectA

comdlg32

ChooseFontA
ChooseColorA
GetSaveFileNameA
GetOpenFileNameA
GetFileTitleA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

DragQueryFileA
DragFinish
Shell_NotifyIconA

comctl32

ImageList_Create
ImageList_Destroy
ord17
ImageList_GetImageInfo
ImageList_Draw
ImageList_ReplaceIcon

winmm

PlaySoundA
mciSendStringA

oleaut32

SysAllocStringLen
VariantClear
VariantChangeType
VariantInit

oleacc

LresultFromObject
CreateStdAccessibleObject

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 165KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
LisezMoi.txt

Sharing

General

Malware Config

Signatures

Files

bfd241df775948bd33554261d9a059bc

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

comctl32

winmm

oleaut32

oleacc

advapi32

Sections

.text Size: 165KB - Virtual size: 164KB

.rdata Size: 45KB - Virtual size: 45KB

.data Size: 7KB - Virtual size: 21KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 165KB - Virtual size: 164KB

.rdata
Size: 45KB - Virtual size: 45KB

.data
Size: 7KB - Virtual size: 21KB

.rsrc
Size: 17KB - Virtual size: 17KB