fa443e8d9fe128a8e82a48b97208976d

General

Target

fa443e8d9fe128a8e82a48b97208976d
Size

124KB
MD5

fa443e8d9fe128a8e82a48b97208976d
SHA1

acf3a2e5ebb0942778b28904eb64e46f8ddcd348
SHA256

c13ccc0fff3c8392e7c7e5351ea671750dfc00861fa9fefec434c39971a50a7e
SHA512

7d43f6781bb5e2da38eebe79974d771f05512a9a253bf68b80ba9d34789c30f778cd75a97c1be9542ec2006b3d5d8b3f515aefd33e64ea9a6d429b93535d4594
SSDEEP

3072:WzEVT+8+WGG3hl3/nY4Pwoj5iaNryIH865:WYOWGGx24Pwojt3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa443e8d9fe128a8e82a48b97208976d

Files

fa443e8d9fe128a8e82a48b97208976d
.exe windows:5 windows x86 arch:x86

5912d741a60bbff62ca9ee423935b6a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
LocalFileTimeToFileTime
lstrcatA
InterlockedExchange
SetStdHandle
GetEnvironmentVariableA
SetFilePointer
MultiByteToWideChar
VirtualProtect
GetStartupInfoA

user32

LoadCursorA
DrawEdge
EmptyClipboard

msvcrt

log10
_XcptFilter
clearerr
_initterm
__set_app_type
_adjust_fdiv
exit
__setusermatherr
__p__commode
ftell
malloc
_acmdln
__getmainargs
_wcslwr
__p__fmode
_isctype
_getcwd
_except_handler3
strcat

advapi32

SetSecurityDescriptorOwner
FreeSid
RegOpenKeyA
LookupPrivilegeValueW
EqualSid
RegQueryInfoKeyA
InitiateSystemShutdownA
RegEnumKeyExA
CopySid
RegSetValueExA
RegFlushKey

version

GetFileVersionInfoSizeA
VerFindFileW
VerInstallFileW
VerQueryValueA
GetFileVersionInfoA
VerQueryValueW

comctl32

ImageList_Write
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_GetIconSize

oleaut32

SafeArrayCreate
SafeArrayPtrOfIndex
SysAllocStringLen
VariantCopyInd
CreateErrorInfo
SafeArrayUnaccessData
SysReAllocStringLen
VariantClear
SysFreeString

shell32

ExtractIconExA
SHGetFileInfo
Shell_NotifyIconW
SHGetFolderPathW
SHFileOperationA
DragFinish
ExtractIconA
SHGetMalloc
SHGetFileInfoA

ole32

CreateItemMoniker
RegisterDragDrop
StringFromCLSID
CoInitializeEx

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5912d741a60bbff62ca9ee423935b6a8

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

advapi32

version

comctl32

oleaut32

shell32

ole32

Sections

.text Size: 74KB - Virtual size: 74KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 33KB - Virtual size: 32KB

.text
Size: 74KB - Virtual size: 74KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 33KB - Virtual size: 32KB