faabbc326ce64c9b9621138e26575306

Sharing

Copy URL Twitter E-mail

General

Target

faabbc326ce64c9b9621138e26575306
Size

103KB
MD5

faabbc326ce64c9b9621138e26575306
SHA1

1205004f2c7269978fb35a6aa63f989c4d83b7f9
SHA256

e4fbb1b4a41ef5605170a3f629802f172da1af9dd7d24e3879b74470bf015335
SHA512

6310deefeb6ad367cabac12384b710d686bfaf965fdd3892e01d0075a186ac42c6ee3bc5d689465024389aa78797cc4bd72719a93abfb028a595028c3d0fdc89
SSDEEP

768:P4hqJ9q90aETv4kr0JRnWUiCn0E9AlB7TPkJkckTIdXdKx4VSEp+tHH+nHhtnysw:/J9pdQkoJLiNEjHSE4ahtnyyZ4e5Sa1y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faabbc326ce64c9b9621138e26575306

Files

faabbc326ce64c9b9621138e26575306
.exe windows:4 windows x86 arch:x86

df5aafe4f3750a08ca989b4032ea834c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

libgcc_s_dw2-1

_Unwind_Resume
__deregister_frame_info
__register_frame_info
__udivdi3
__umoddi3

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___mb_cur_max_func
__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_errno
_initterm
_iob
_itoa
_lock
_onexit
_unlock
abort
atoi
calloc
exit
fprintf
fputc
free
fwrite
localeconv
localtime
malloc
memcpy
puts
setlocale
signal
strchr
strerror
strftime
strlen
strncmp
time
vfprintf
wcslen

user32

GetAsyncKeyState
GetForegroundWindow
GetWindowTextA

libstdc++-6

_ZNKSt5ctypeIcE13_M_widen_initEv
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE12find_last_ofEPKcjj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEPKcjj
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7compareEPKc
_ZNSo3putEc
_ZNSo5flushEv
_ZNSo9_M_insertImEERSoT_
_ZNSt14basic_ofstreamIcSt11char_traitsIcEEC1EPKcSt13_Ios_Openmode
_ZNSt14basic_ofstreamIcSt11char_traitsIcEED1Ev
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_replaceEjjPKcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE14_M_replace_auxEjjjc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6assignEPKc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_appendEPKcj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERjj
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEC1EOS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEaSEOS4_
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_i
_ZSt16__throw_bad_castv
_ZSt19__throw_logic_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt4cout
_ZdaPv
_ZdlPv
_Znaj
__gxx_personality_v0

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/14
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 512B - Virtual size: 329B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 1024B - Virtual size: 553B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

df5aafe4f3750a08ca989b4032ea834c

Headers

File Characteristics

Imports

libgcc_s_dw2-1

kernel32

msvcrt

user32

libstdc++-6

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 512B - Virtual size: 96B

.rdata Size: 2KB - Virtual size: 2KB

/4 Size: 6KB - Virtual size: 6KB

.bss Size: - Virtual size: 3KB

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

/14 Size: 512B - Virtual size: 56B

/29 Size: 8KB - Virtual size: 7KB

/41 Size: 512B - Virtual size: 329B

/55 Size: 1024B - Virtual size: 553B

/67 Size: 512B - Virtual size: 56B

/80 Size: 512B - Virtual size: 153B

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 512B - Virtual size: 96B

.rdata
Size: 2KB - Virtual size: 2KB

/4
Size: 6KB - Virtual size: 6KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

/14
Size: 512B - Virtual size: 56B

/29
Size: 8KB - Virtual size: 7KB

/41
Size: 512B - Virtual size: 329B

/55
Size: 1024B - Virtual size: 553B

/67
Size: 512B - Virtual size: 56B

/80
Size: 512B - Virtual size: 153B