fc80dcc243b529f2f5cb4d954bd3cacc

Sharing

Copy URL Twitter E-mail

General

Target

fc80dcc243b529f2f5cb4d954bd3cacc
Size

1.1MB
MD5

fc80dcc243b529f2f5cb4d954bd3cacc
SHA1

8874cc2a1888ac79c8ef30e729cb7b479c44a0fe
SHA256

dd7ed74dd4cdcb4fbbdbdf221d3d301b26a5a19eaba6877ad6a86a3fd56416c6
SHA512

0a6c93a60240dbed8f793462a2bb01a2082cd3202da6ceca9e11c8c1c156a237798e5d0c9913f721f12a3b785f50f77ddfeec6ea8988f0721aad6b8d06e2be0c
SSDEEP

24576:VY6BYht57yqC8iYbQ5Bu0z/ZtK1oBRkoN3pE3:Ahz7yqC8ivu0DBrx+3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc80dcc243b529f2f5cb4d954bd3cacc

Files

fc80dcc243b529f2f5cb4d954bd3cacc
.exe windows:4 windows x86 arch:x86

fa1c736b15ba10c0d3ee9be6b2164913

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadResource
FindResourceA
SizeofResource
GetTempPathA
LockResource
CreateFileA
WriteFile
CloseHandle
FreeResource
SetCurrentDirectoryA
lstrlenA
CompareStringW
CompareStringA
DebugBreak
GetStdHandle
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
MultiByteToWideChar
ExitProcess
TerminateProcess
GetCurrentProcess
GetLastError
SetConsoleCtrlHandler
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
Sleep
GetStringTypeA
GetStringTypeW
SetHandleCount
GetFileType
GetStartupInfoA
ReadFile
IsBadWritePtr
IsBadReadPtr
HeapValidate
UnhandledExceptionFilter
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
GetCommandLineA
GetVersion
GetCPInfo
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
RtlUnwind
SetStdHandle
SetFilePointer
WideCharToMultiByte
HeapAlloc
HeapReAlloc
HeapFree
VirtualFree
VirtualAlloc
GetModuleHandleA
GetEnvironmentVariableA
HeapDestroy
HeapCreate
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
FlushFileBuffers
GetACP
GetOEMCP
GetTimeZoneInformation
GetLocaleInfoW
LCMapStringA
LCMapStringW
SetEnvironmentVariableA

advapi32

RegCreateKeyExA
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA

Sections

.text
Size: 261KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 846KB - Virtual size: 845KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa1c736b15ba10c0d3ee9be6b2164913

Headers

File Characteristics

Imports

kernel32

advapi32

shell32

Sections

.text Size: 261KB - Virtual size: 260KB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 846KB - Virtual size: 845KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 261KB - Virtual size: 260KB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 846KB - Virtual size: 845KB

.reloc
Size: 9KB - Virtual size: 8KB