fc8d7591699813168877f624ea4139c8

Sharing

Copy URL Twitter E-mail

General

Target

fc8d7591699813168877f624ea4139c8
Size

302KB
MD5

fc8d7591699813168877f624ea4139c8
SHA1

3ff95b393a48bd28640f6dad5b7d5e27327933c9
SHA256

34ec87252e6da7d44d4dce2f824fa4ccd8015f472a7faa3be827a05b7ca9e42a
SHA512

7d58dea9907d7c177838967a2e71c572549750e4a5c13cd916dc315371fc3dc7c200da60ef75a3781c3ca10673a813b966102373882f6023b856b710ffbe6572
SSDEEP

6144:dAd2lKwmDKghi919WCW08Z1OxpGw6UDiRGBs+FJhlinWR+6QlX69W:fmDKgheWZr1IkRRGBsMhlQlN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc8d7591699813168877f624ea4139c8

Files

fc8d7591699813168877f624ea4139c8
.exe windows:5 windows x86 arch:x86

4d17d8945c17f78394cbb46a2dbacf83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
CloseHandle
SetStdHandle
IsProcessorFeaturePresent
SetFilePointer
InitializeCriticalSection
GetConsoleCP
FlushFileBuffers
HeapFree
HeapQueryInformation
HeapSize
HeapReAlloc
MultiByteToWideChar
LCMapStringW
RtlUnwind
GetSystemDefaultLCID
WriteFile
GetCurrentProcess
HeapAlloc
GetLocaleInfoA
lstrlenA
GetConsoleMode
CreateFileA
OutputDebugStringW
WriteConsoleW
OutputDebugStringA
RaiseException
InterlockedIncrement
InterlockedDecrement
DecodePointer
GetProcAddress
GetModuleHandleW
ExitProcess
GetCommandLineA
HeapSetInformation
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetModuleFileNameW
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
TlsAlloc
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsFree
SetLastError
GetLastError
GetStringTypeW
GetStdHandle
HeapValidate
IsBadReadPtr
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LoadLibraryW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
CreateFileW

user32

RegisterClassA
SetDlgItemTextA
FindWindowA
DispatchMessageA
DestroyWindow
GetMessageA
SendDlgItemMessageA
wsprintfA
TranslateMessage
MessageBoxA
CreateAcceleratorTableA
GetWindowLongA
CheckDlgButton
LoadAcceleratorsA
PostMessageA

advapi32

EnumServicesStatusA
OpenSCManagerA

ws2_32

bind
WSACleanup
WSAStartup
socket

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d17d8945c17f78394cbb46a2dbacf83

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Sections

.text Size: 122KB - Virtual size: 122KB

.rdata Size: 34KB - Virtual size: 33KB

.data Size: 144KB - Virtual size: 152KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 122KB - Virtual size: 122KB

.rdata
Size: 34KB - Virtual size: 33KB

.data
Size: 144KB - Virtual size: 152KB

.rsrc
Size: 512B - Virtual size: 436B