fabdc17dcbbbf37822f1f4b9f537ba3d

Sharing

Copy URL Twitter E-mail

General

Target

fabdc17dcbbbf37822f1f4b9f537ba3d
Size

252KB
MD5

fabdc17dcbbbf37822f1f4b9f537ba3d
SHA1

9b36be3bb39e29ea3c8aedc67f1e488c66731fcb
SHA256

e9b74f91dc163e5f0bc9454c20e0e846e4fe0b95376f66e2334800ca7696dc62
SHA512

706ee77e616fcdc87978ef173c3066bdddd714bdec8e8ab6670a42c586e9824916b68a3a2b068168591530b11bc491977cb4cdbee1c31cd615fa11f8f508d124
SSDEEP

3072:ftLXhYj3ykHyu68Ewz/RSn5sQvUOJAs2xZo9zh:W37Hy0h7w5hNJGxI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fabdc17dcbbbf37822f1f4b9f537ba3d

Files

fabdc17dcbbbf37822f1f4b9f537ba3d
.exe windows:4 windows x86 arch:x86

18ccc8a54bbe6b33cfb0fff8ee4da48e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLCID
CreateFileA
CopyFileA
GetLocaleInfoA
Sleep
CreateProcessA
OpenFile
FindResourceA
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
GetCommandLineA
GetCurrentThreadId
CreateMutexA
GetLastError
CloseHandle
lstrcpyA
GetVersionExA
lstrcatA
InitializeCriticalSection
LoadLibraryA
GetProcAddress
lstrcmpiA
IsDBCSLeadByte
lstrcpynA
LoadResource
LoadLibraryExA
SizeofResource
GetSystemDirectoryA
InterlockedDecrement
VirtualFree
IsBadCodePtr
IsBadReadPtr
FlushFileBuffers
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetOEMCP
GetACP
GetCPInfo
IsBadWritePtr
VirtualAlloc
LocalFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
HeapSize
GetCurrentProcess
TerminateProcess
GetFileType
GetStdHandle
SetHandleCount
SetFilePointer
ReadFile
WriteFile
ExitProcess
GetVersion
InterlockedIncrement
GetStartupInfoA
RaiseException
HeapReAlloc
HeapFree
HeapAlloc
RtlUnwind
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection

user32

PostThreadMessageA
DefWindowProcA
GetDC
KillTimer
EnableMenuItem
PeekMessageA
EnableWindow
GetDlgCtrlID
EndDialog
GetDlgItem
SetWindowTextA
WinHelpA
LoadStringA
GetWindowRect
GetSystemMenu
EnumChildWindows
DialogBoxParamA
GetParent
SetWindowLongA
CallWindowProcA
wsprintfA
EnumDisplaySettingsA
SetTimer
GetSubMenu
DispatchMessageA
GetMessageA
PostMessageA
CreateWindowExA
RegisterClassA
CharNextA
RegisterWindowMessageA
PostQuitMessage
ReleaseDC
GetSystemMetrics
DestroyMenu
AppendMenuA
DestroyIcon
CreatePopupMenu
TrackPopupMenu
GetCursorPos
SetForegroundWindow
DestroyWindow
SendMessageA
InsertMenuA
FindWindowA
GetMenuStringA

gdi32

DeleteDC
BitBlt
SetBkColor
SetTextColor
SelectObject
CreateCompatibleBitmap
GetStockObject
GetDIBits
CreateCompatibleDC
GetDeviceCaps
CreateDCA
DeleteObject

advapi32

RegQueryInfoKeyA
RegDeleteKeyA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
RegSetValueExA
RegEnumValueA
RegQueryValueExA
RegOpenKeyA
FreeSid
AllocateAndInitializeSid

shell32

ShellExecuteExA
Shell_NotifyIconA

ole32

CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoInitialize
CoCreateInstance
CoSuspendClassObjects
CLSIDFromProgID

oleaut32

SysFreeString
SysAllocStringByteLen
SysStringLen
SysAllocString
SysStringByteLen
VariantClear
VarUI4FromStr
LoadTypeLi
RegisterTypeLi

comctl32

DestroyPropertySheetPage
CreatePropertySheetPageA

hccutils

LoadSTRING
LoadBITMAP
LoadIMAGE
GetMyRegKey
LoadDialogString
GetCommonRegKey
EnumDspDev
GetHardwareKey
EnumDeviceByClass
ReleaseClassDevice
FindResources
IsDisplayValid

Sections

.text
Size: 112KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yrdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

18ccc8a54bbe6b33cfb0fff8ee4da48e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

hccutils

Sections

.text Size: 112KB - Virtual size: 110KB

.rdata Size: 16KB - Virtual size: 14KB

.data Size: 16KB - Virtual size: 33KB

.rsrc Size: 4KB - Virtual size: 2KB

.yrdata Size: 68KB - Virtual size: 68KB

.text
Size: 112KB - Virtual size: 110KB

.rdata
Size: 16KB - Virtual size: 14KB

.data
Size: 16KB - Virtual size: 33KB

.rsrc
Size: 4KB - Virtual size: 2KB

.yrdata
Size: 68KB - Virtual size: 68KB