fb5f475b6853aa957a6e221f5a0b6745

Sharing

Copy URL

Twitter E-mail

General

Target

fb5f475b6853aa957a6e221f5a0b6745
Size

340KB
MD5

fb5f475b6853aa957a6e221f5a0b6745
SHA1

6d86e8296cf5e8c2a85b8bc21cec8ad6fe21a5de
SHA256

e9a879c0c171e6f61c2a725ecd7d048c8613e3b907ae29365be0cfbe4e167c45
SHA512

89e246a6f48115cdec2307c8b2a616c5bc18abc3fbd3d89855f327741c21428cf543c17ab94a038cb4044b1957a18c015e38fd0b075c873111b62e968c485558
SSDEEP

6144:NCzlRyeSOT5WnouL0Mw9NDckMb2MZyTRejwt4/pBRZPkmzQuA:NC3HSc0nouL0MEN4bMEwMpB3MV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb5f475b6853aa957a6e221f5a0b6745

Files

fb5f475b6853aa957a6e221f5a0b6745
.exe windows:4 windows x86 arch:x86

f050764733737e9d343042e1db985527

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
OutputDebugStringA
GetProcAddress
GetVersionExA
TerminateProcess
ReadFile
HeapAlloc
HeapFree
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
CreateFileA
SetStdHandle
FlushFileBuffers
GetStringTypeW
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
GetFileAttributesA
SetEnvironmentVariableA
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetLastError
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTimeAsFileTime
ExitProcess
FreeLibrary
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
VirtualFree
SetHandleCount
SetFilePointer
HeapReAlloc
HeapSize
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
LCMapStringW
WriteFile
CloseHandle
HeapDestroy
HeapCreate
GetStdHandle
GetFileType
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW

user32

PeekMessageA
ShowCursor
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
LoadCursorA
LoadIconA
GetMessageA
SetCursorPos
GetCursorPos
MessageBoxA
SendMessageA
DestroyWindow
PostMessageA
PostQuitMessage
DefWindowProcA
DispatchMessageA
TranslateMessage

gdi32

GetStockObject

ddraw

DirectDrawCreate

dinput

DirectInputCreateA

dsound

DirectSoundCreate

winmm

timeGetTime

Sections

.text
Size: 280KB - Virtual size: 278KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f050764733737e9d343042e1db985527

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ddraw

dinput

dsound

winmm

Sections

.text Size: 280KB - Virtual size: 278KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 44KB - Virtual size: 281KB

.rsrc Size: 4KB - Virtual size: 928B

.text
Size: 280KB - Virtual size: 278KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 44KB - Virtual size: 281KB

.rsrc
Size: 4KB - Virtual size: 928B