fc3b51b3c47db6f1b8923ca3e7820956

Sharing

Copy URL Twitter E-mail

General

Target

fc3b51b3c47db6f1b8923ca3e7820956
Size

2.0MB
MD5

fc3b51b3c47db6f1b8923ca3e7820956
SHA1

0729f3c5bd6aa88eeb73bfceba0129a936773129
SHA256

65b92f713e8072aed530cacbbedad5e724731d9c9d7b049f687ca5b47929754a
SHA512

5b08840b31d1ca25b525bbc8f9f8b2bb78d21fb3a17ceb436ea489cad057e3b8e023e9287ca82c1d50061dc55ab23a6eee7c39668994a02758e832c641361c18
SSDEEP

49152:+BldQgXAc0HDGkWlp2lzfC21E2HTrTz9tnjXmQzLVwe5f:ildw5HD6pO+4FHLz3Vwk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/GOT+8Tr-LNG/GOT+8Tr-LNG.exe

Files

fc3b51b3c47db6f1b8923ca3e7820956
.rar
GOT+8Tr-LNG/GOT+8Tr-LNG - I.N.F.O.txt
GOT+8Tr-LNG/GOT+8Tr-LNG.exe
.exe windows:4 windows x86 arch:x86

f492f9ced508a73fd962d57fcb77f958

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaFpR4

kernel32

SizeofResource
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

winmm

waveOutWrite

user32

MessageBoxA

Exports

Exports

��{�L��jZ�L��d;��;�SW��$��U��I|��4�G"�$JD��u�'ۈM��D�鹫M�]7;�1t^�/��$ġ�is�A�=;�p6_«�9�ɩ��q�1�]�}'�F6fd��қz��X�ZJ�C��V\�4�-�kͶ��vl\8��)CtE��1J+�k٠��&z0�8��NYy��Zi*�I'b͋D%��''�nI�D�\�x��|�4��ہ��=�t��'C��N��q7,�;R^�ʧZ) *´:_��>��]i:��Gym\�ms^+�r�׮{wr֜��o�> ��C��%}��!��`7��g��Xa�G ��I/i��a�Rz1J��{�< P�1Lt�|��&�v �:��l�p�ǚ�{\\��W�w�-|��p��K ��J��p��^��>/��V�y��J�� "4�F��)i ��"�(�+�1�[�KO;H_��ȏ�Ǡ�v��fm׫Mb�� p�첬�9�)�7�0%�IK�I��粀 ��{��ƕ�T� ��`�s�$��cL�%�@U��ІL3��4.MXM��Կ�¿s�(�?�ؙ��| �SS)yq'�%�0I��$L��~Q��O��;��*q�z��Y��g�_s?r��OT��\x�moq�/ɔDt��-��8w�ȩx��&�F5��V\3�o'_�̬�S�P��(��2ӳ�ՏѠ8-�p��]+��:�9��#UH �I�{�oM�2-Y��i|��`<o�7�#;��<Xt�8�\;��ąHS��((��t6��X�dz�J>��S{��>,��3��A1:�,��`��M��FpM��e��W�渆��rq��2�45�m��O%�a�M��⤰��,m�R�G* ��zy�� N}��vF�>*L>��i}�cB4��-��q_��H�l�U��vVX�{��n�XvX�~��B$�0�9C)��# {��ׯY^�� @ݑ/.AL�"��pLw��rݽ�#��<%��_�Nlsl�%P�Ps%U��G�!t� ��o�З�yY��W��4��.32�HNnl~ZU�mPe��u��-��76��q*��L(o��W2��u{�E�\��h씚��>��ɗ<<��W�?^��4B8uKIgڰp�}i�ׅ�`�kj��X�}��b��9�E�3˜��?��Moc��/��H��(c�'��B�|BDx�d��E3׶j�S�C�{'�u�N��$��z�F��o�r�ﴄP�yJ�L�ہʦ �l�~�Sq�� Ey�wFX��zA1�4�+䜊�+��]�v��) de;y^��W��N�iAfq�^I3Vf��-p��p�d�S��S�Li��N3{l�,VR�9��R+_��)��Û��ED;�!�ޠ}G1�|X��B��*O�?��P.^6cU�5�X݁nky��l��W��4 O�V-!��>��:(x��Q�� =܈*ON����߮�㫈��R� ��Ш'�ǫ!��z�N�#o�e��}}�M7\�C�U�%C$��"�TX��)aJ8�_Rd v7u~�j*U$�Pb��Xn�7[�M��R��et��q�I}��3�"ei��C�6�%��K�^5�[�Ѹ�p^��C��L��c��i�>^Z�c.#x�M��N�ؐ�a!��l�PU'<��~�e�L��L�)Iy�!��t�!�>1RBMP��.0�\P�]�!��J�ݡu䩯��_J��0��E�Z�U�s�>�Z�JkX*�E>��'��_iTă�BO>Y. ��eķQĺl�f��a��{~�Ihe=9��f��͌Ⱦ�;�={� B�U��s0�$�*�S�ܘ�b�EK�A_�< 1ԝGT��ߥ��2jJ5Y*!d-�b�� MCx�"�If6�e��ך��E��{��x9��1~槶g�e��ؼ�V-^��o��/)˒�ۿ��˃�(�!��8@~��4��~:��7�y@��3�� }6,��Y��SA'�U�r�u`D6��v�b��z<�w} 9񭿻�#m��"�r<�ȍA��B��S�2@��ޭ��/�2�3+�� )_8'�z��c�~u�#��Z�m�}Nʛ[(/8[8��*E1�]��s=��y��V�|q ��O�� ^Z�Nj��b�#ao�e��>x�{��HHH�p�i�;�7�~V*��e餶�ԇ�V.0K��t#zE��SLu��!�w��Zn'CӮ��/� �)3Ɫ��VSR`��j)�/�í�H��> �􆟨�b�רחK��Pa�15m�+mk��x��ۉ.K��vh�2��&��O�{ �P3�� Z�N�[7]C�7A��L�#W��8�A臺��]hMψ�QÒM��ߜ��@;Ə�T�N��⁥-oBU��wp;->?��!>�f�� .�"O�ފ.Iq�8ę�IV�F��,&0J�4[$�.�Y�IxE�� (Pn}Mg��Rj9��^��r2ګ��VmÖ6PQ�➵��GF��o4ǪA{�W�5\�ۏ��[+�t�h~�g0��)$��͗��{�Q�Q�u#$��ҡ��s?��N��Y�I3�bW��\a�zxe��{ބv��;]&_tK.l_$��y�?��CR5J��H��o��|��K#( �*�xO�ں�.��f�፠��%�kY'��O.Y�c��@�O[��S��i*<�f�l�39K�?~��`?�.�1�xk��2��r��`��CO��PW�c��z��ҭ%7:J��v��W��:o��h�S�gf��eǱ��VT��CL��7`p�x��9��jG��2 q��\��5�"�؏֦(��m��JҬ�=��𺨌��r7dvr�2�

Sections

.text
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.VCrypt0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.tls
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VCrypt1
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
GOT+8Tr-LNG/VERY IMPORTANT!.txt

Sharing

General

Malware Config

Signatures

Files

f492f9ced508a73fd962d57fcb77f958

Headers

File Characteristics

Imports

msvbvm60

kernel32

winmm

user32

Exports

Exports

Sections

.text Size: - Virtual size: 3.5MB

.data Size: - Virtual size: 84KB

.rsrc Size: 21KB - Virtual size: 1.0MB

.VCrypt0 Size: - Virtual size: 1.5MB

.tls Size: 512B - Virtual size: 24B

.VCrypt1 Size: 2.0MB - Virtual size: 2.0MB

.text
Size: - Virtual size: 3.5MB

.data
Size: - Virtual size: 84KB

.rsrc
Size: 21KB - Virtual size: 1.0MB

.VCrypt0
Size: - Virtual size: 1.5MB

.tls
Size: 512B - Virtual size: 24B

.VCrypt1
Size: 2.0MB - Virtual size: 2.0MB