fb8b019111181743d06e4f9ec63a0e85

General

Target

fb8b019111181743d06e4f9ec63a0e85
Size

113KB
MD5

fb8b019111181743d06e4f9ec63a0e85
SHA1

c6127caf239ffe48cdde77d336d83e56811d69bc
SHA256

e10a9594d5ae01e0c5d0e8fbc63b314e5b31b291e36303b79b04cda3e01fa590
SHA512

70bb466b1993053c70986023835603ab6fd646cf306c6bd7605df99ac0c066536a77cf43b549de92b2e4c115816af5fea0801b3c5481eccad12e04c62d12ec2e
SSDEEP

1536:IZZ7jFuE9eLK+fRdzspLG3TIdM6w160UbOIXKbGqSp7BOLuBVf3//C7Cc4BJw/Tc:gNCjMLGgnw0ESxXxxwdok

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb8b019111181743d06e4f9ec63a0e85

Files

fb8b019111181743d06e4f9ec63a0e85
.exe windows:5 windows x86 arch:x86

ca08530b636be87722140840a768d42b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharNextA
GetParent
TranslateMessage
GetDesktopWindow
GetSystemMetrics

kernel32

GetACP
lstrcmpiA
GetConsoleOutputCP
GetVersion
GetCommandLineW
GetProcessHeap
GetModuleHandleA
RemoveDirectoryA
GlobalFindAtomA
GetDriveTypeA
lstrcmpiW
IsDebuggerPresent
DeleteFileW
SetCurrentDirectoryA
lstrlenA
GetUserDefaultLangID
CopyFileA
GlobalFindAtomW
GetWindowsDirectoryA
GetCurrentProcessId
VirtualAlloc
lstrcmpA
lstrlenW
GetModuleHandleW
GetCommandLineA
VirtualFree
GetOEMCP
GetCurrentThread
GetCurrentProcess
GetThreadLocale
MulDiv
GetTickCount
GetStartupInfoA
RemoveDirectoryW
DeleteFileA

gdi32

GetDeviceCaps
SaveDC
GetTextMetricsA
CreatePalette
SetTextColor
GetPixel
GetStockObject
RectVisible
SetMapMode
GetClipBox
CreateCompatibleDC
RestoreDC
GetObjectA
CreateFontIndirectA
PatBlt
SelectPalette
SetTextAlign
SelectObject
CreateSolidBrush
SetStretchBltMode
DeleteDC
CreatePen
DeleteObject
SetPixel
LineTo

glu32

gluQuadricCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ca08530b636be87722140840a768d42b

Headers

File Characteristics

Imports

user32

kernel32

gdi32

glu32

Sections

.text Size: 13KB - Virtual size: 13KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 78KB - Virtual size: 78KB

.rsrc Size: 12KB - Virtual size: 12KB

.text
Size: 13KB - Virtual size: 13KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 78KB - Virtual size: 78KB

.rsrc
Size: 12KB - Virtual size: 12KB