fb4bf3bd2c07d7caa80d8e6922679ecc

Sharing

Copy URL Twitter E-mail

General

Target

fb4bf3bd2c07d7caa80d8e6922679ecc
Size

157KB
MD5

fb4bf3bd2c07d7caa80d8e6922679ecc
SHA1

4e9c60ffd443e7f52cabeadcef4d2fdcbd129ca8
SHA256

15ebf5dcfbebcd1e460d233cf23ea6f5855685f544ff26ef27106c0e7fd65d3e
SHA512

095b0c583e61c8688d6832c9b141ecb6a2b428952b6e9ed3e77603f77084dca71c572b36868394b785649995f86a35d31f29d7e4b2ef39eea674565e1591ed98
SSDEEP

1536:LcA/nScTh8R8wiNM86n9pZvMYlvyjCoOl:3/ScTORc6nDyGo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb4bf3bd2c07d7caa80d8e6922679ecc

Files

fb4bf3bd2c07d7caa80d8e6922679ecc
.exe windows:1 windows x86 arch:x86

ead412067a5735b75a32b5b0fba52560

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetProcessHeap
LeaveCriticalSection
lstrlenW
lstrcmpiW
GetProcessHeap
FreeLibrary
CreateFileW
LoadLibraryA
HeapDestroy
GetModuleHandleA
QueryPerformanceCounter
GetSystemTimeAsFileTime
FreeLibrary
GetModuleHandleA
lstrlenW
SetUnhandledExceptionFilter
InitializeCriticalSection
Sleep
MultiByteToWideChar
GetModuleHandleA
LeaveCriticalSection
GetProcAddress
GetVersionExA
GetProcAddress
MultiByteToWideChar
CreateThread
GetModuleHandleA
CloseHandle
WaitForSingleObject
Sleep
VirtualAlloc
WaitForSingleObject
lstrlenW
WaitForSingleObject
GetACP
LocalAlloc
GetCommandLineW
LoadLibraryA
SetUnhandledExceptionFilter
GetModuleHandleW
InitializeCriticalSection
ExitProcess
GetCommandLineW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
GetProcAddress
MultiByteToWideChar
SetEvent
MultiByteToWideChar
QueryPerformanceCounter
lstrlenW
DeleteCriticalSection
ExitProcess
ReadFile
HeapAlloc
GetModuleFileNameA
GetTickCount
GetTickCount
WaitForSingleObject
lstrcmpiW
LoadLibraryA
GetProcessHeap
Sleep
Sleep
VirtualAlloc
LocalFree
LoadLibraryW
SetLastError
GetStartupInfoA
lstrcmpiW
GetModuleHandleA
GetProcessHeap
CreateThread
GetModuleFileNameA
GetCommandLineW
QueryPerformanceCounter
GetModuleHandleW
GetACP
ReadFile
GetACP
GetACP
LoadLibraryW
CreateFileW
GetProcAddress
GetCurrentThreadId
lstrlenW
SetLastError
ExitProcess
ExitProcess
LoadLibraryW
HeapDestroy
GetModuleFileNameA
GetProcessHeap
InitializeCriticalSection
GetCommandLineA
CreateFileW
GetCommandLineA
QueryPerformanceCounter
UnhandledExceptionFilter
FormatMessageW
GetVersionExA
GetModuleHandleW
FormatMessageW
MultiByteToWideChar
CloseHandle
WaitForSingleObject
SetUnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCommandLineW
WideCharToMultiByte
DeleteCriticalSection
GetModuleHandleW
LoadLibraryA
LocalAlloc
WaitForSingleObject
GetLastError
GetModuleHandleA
QueryPerformanceCounter
GetACP
LoadLibraryW
TerminateProcess
GetCurrentThreadId
HeapAlloc
LeaveCriticalSection
GetCurrentProcessId
CloseHandle
CreateFileW
SetEvent
LoadLibraryW
lstrcmpiW
TerminateProcess
HeapDestroy
VirtualFree
SetFilePointer
LocalFree
ReadFile
CreateFileW
LoadLibraryA
SetLastError
WaitForSingleObject
TerminateProcess
InterlockedIncrement
DeleteCriticalSection
WriteFile
MultiByteToWideChar
LoadLibraryW
GetACP
GetCommandLineW
lstrlenW
HeapAlloc
EnterCriticalSection
HeapReAlloc
QueryPerformanceCounter
EnterCriticalSection
ExitProcess
HeapReAlloc
SetLastError
GetACP
CloseHandle
WideCharToMultiByte
CreateThread
WideCharToMultiByte
LoadLibraryW
InitializeCriticalSection
LocalFree
WriteFile
GetTickCount
QueryPerformanceCounter
HeapAlloc
FormatMessageW
InterlockedIncrement
ExitProcess
HeapFree
HeapDestroy
MultiByteToWideChar
WaitForSingleObject
LoadLibraryA
UnhandledExceptionFilter
GetStartupInfoA
GetCommandLineW
LocalFree
InitializeCriticalSection
GetModuleFileNameA
ExitProcess
LocalAlloc
GetCommandLineW
HeapFree
VirtualAlloc
lstrlenW
WaitForSingleObject
WaitForSingleObject
GetCurrentProcessId
LocalAlloc
lstrcmpiW
GetCurrentProcess
GetProcessHeap
GetModuleFileNameA
LocalFree
HeapFree
GetProcessHeap
WaitForSingleObject
SetLastError
EnterCriticalSection
GetProcAddress
GetVersionExA
SetLastError
LoadLibraryA
GetVersionExA
HeapDestroy
HeapDestroy
UnhandledExceptionFilter
lstrlenW
CreateFileW
CreateThread
LeaveCriticalSection
TerminateProcess
lstrcmpiW
GetACP
SetFilePointer
LoadLibraryW
EnterCriticalSection
LoadLibraryA
DeleteCriticalSection
GetModuleHandleA
GetModuleHandleW
MultiByteToWideChar
MultiByteToWideChar
HeapDestroy
GetModuleHandleA
HeapReAlloc
LeaveCriticalSection
WideCharToMultiByte
SetUnhandledExceptionFilter
ReadFile
ExitProcess
FreeLibrary
SetUnhandledExceptionFilter
VirtualAlloc
LocalAlloc

Sections

.test
Size: 139KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.test
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.test
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.test
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.test
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ead412067a5735b75a32b5b0fba52560

Headers

File Characteristics

Imports

kernel32

Sections

.test Size: 139KB - Virtual size: 164KB

.test Size: 1024B - Virtual size: 4KB

.test Size: 512B - Virtual size: 4KB

.test Size: 1KB - Virtual size: 4KB

.test Size: 7KB - Virtual size: 8KB

.test Size: 512B - Virtual size: 4KB

.test Size: 512B - Virtual size: 4KB

.test Size: 1KB - Virtual size: 1KB

.test Size: 512B - Virtual size: 12B

.test Size: 512B - Virtual size: 4KB

.test Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.test Size: 1024B - Virtual size: 4KB

.test Size: 512B - Virtual size: 4KB

.test Size: 512B - Virtual size: 4KB

.test Size: 512B - Virtual size: 4KB

.test
Size: 139KB - Virtual size: 164KB

.test
Size: 1024B - Virtual size: 4KB

.test
Size: 512B - Virtual size: 4KB

.test
Size: 1KB - Virtual size: 4KB

.test
Size: 7KB - Virtual size: 8KB

.test
Size: 512B - Virtual size: 4KB

.test
Size: 512B - Virtual size: 4KB

.test
Size: 1KB - Virtual size: 1KB

.test
Size: 512B - Virtual size: 12B

.test
Size: 512B - Virtual size: 4KB

.test
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.test
Size: 1024B - Virtual size: 4KB

.test
Size: 512B - Virtual size: 4KB

.test
Size: 512B - Virtual size: 4KB

.test
Size: 512B - Virtual size: 4KB