fbc5a5c210a3f543a0902a303a7b6446

Sharing

Copy URL Twitter E-mail

General

Target

fbc5a5c210a3f543a0902a303a7b6446
Size

265KB
MD5

fbc5a5c210a3f543a0902a303a7b6446
SHA1

ea6c58ffd0b86a174aa803f9a210f9d2ae117d62
SHA256

bd2befb2eb8726799bee1ebcb0f9525730277f52311c4072007e3c2b51ad1708
SHA512

e6fe563271bc2408371a50413699fda85f4dbc4ed80d9ee2b6d6fd2408f3b5e0fbbe4345d779211430a339d9321222615820fcf9b6bc034fcea093389627ec68
SSDEEP

6144:p9M57ZkMkHGdWYQyyNv2HuwkLoMVy2U0GJYtRgZ/CVmpCU:XM57ZkMkmdWsyNwuwk3bUHYtzan

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbc5a5c210a3f543a0902a303a7b6446

Files

fbc5a5c210a3f543a0902a303a7b6446
.exe windows:4 windows x86 arch:x86

bd937b9dcd9f6e24a66f5a32d810150f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
GetStartupInfoW
GetDateFormatW
CommConfigDialogA
GetLastError
SetThreadPriority
HeapAlloc
WriteFile
TlsAlloc
IsValidLocale
TlsSetValue
SetFileTime
WaitForMultipleObjects
EnumSystemLocalesA
SetHandleCount
SetLastError
DeleteCriticalSection
GetModuleFileNameW
GetOEMCP
FormatMessageA
MultiByteToWideChar
GetCPInfo
GetStartupInfoA
GetCommandLineA
TryEnterCriticalSection
GetStringTypeW
TlsGetValue
GetLocaleInfoW
GetProcAddress
GetConsoleOutputCP
GetLocaleInfoA
VirtualProtect
CopyFileA
GetACP
SystemTimeToTzSpecificLocalTime
GetSystemInfo
VirtualQuery
IsValidCodePage
VirtualFree
LCMapStringW
EnterCriticalSection
GetTimeZoneInformation
TlsFree
GetFileType
HeapReAlloc
IsBadWritePtr
ExitProcess
SetWaitableTimer
FreeResource
VirtualAlloc
WideCharToMultiByte
QueryPerformanceCounter
GetCurrentProcess
HeapCreate
GetModuleHandleA
GetDateFormatA
GetUserDefaultLCID
GetVersionExA
GetCurrentThreadId
LeaveCriticalSection
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCurrentProcessId
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsA
OpenEventA
GetTickCount
GetStringTypeA
CompareStringA
GetCurrentThread
SetEnvironmentVariableA
LCMapStringA
RtlUnwind
GetCommandLineW
GetSystemTimeAsFileTime
InterlockedExchange
InitializeCriticalSection
GetFileAttributesExA
OpenProcess
GetEnvironmentStringsW
HeapDestroy
GetStdHandle
GetTimeFormatA
HeapFree
TerminateProcess
LoadLibraryA

advapi32

CryptAcquireContextW
ReportEventW
LookupPrivilegeNameA
InitiateSystemShutdownW
RegSaveKeyA
RegReplaceKeyW
RegEnumKeyW
LookupPrivilegeDisplayNameW
CryptGetUserKey
RegQueryMultipleValuesA
RegEnumKeyExW
RegCreateKeyW
CryptDeriveKey
CryptDuplicateKey
RegSetValueW
RegCloseKey
CryptEnumProviderTypesA
LookupPrivilegeDisplayNameA

gdi32

PaintRgn
GetRandomRgn
GdiGetBatchLimit
CreateEnhMetaFileA
GetPath
EnumICMProfilesA
StartPage
SetMetaRgn
SetWindowOrgEx
GetPixel
OffsetWindowOrgEx
PlayMetaFileRecord

comdlg32

PageSetupDlgW
ReplaceTextW
GetFileTitleW
PrintDlgW
ChooseFontA
ChooseColorA
GetSaveFileNameW
GetOpenFileNameW
LoadAlterBitmap
GetFileTitleA
PrintDlgA
PageSetupDlgA
ChooseColorW
FindTextW

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 136KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd937b9dcd9f6e24a66f5a32d810150f

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

comdlg32

Sections

.text Size: 116KB - Virtual size: 115KB

.data Size: 136KB - Virtual size: 147KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 116KB - Virtual size: 115KB

.data
Size: 136KB - Virtual size: 147KB

.rsrc
Size: 11KB - Virtual size: 11KB