fcb6de404560d6b16069a3b3c1b58b5a

Sharing

Copy URL Twitter E-mail

General

Target

fcb6de404560d6b16069a3b3c1b58b5a
Size

130KB
MD5

fcb6de404560d6b16069a3b3c1b58b5a
SHA1

dd5c6f07229904f2a0e7af3c41db342ad396fe12
SHA256

ca8af97fd42b8ea97a16733dc542eee8bb710870a065ac170fbc9e256785f96c
SHA512

9b02e0ef97c82bc789b0d31076e653acbaf057e7ba95a2a734c407b1c639b12ca8f8a3862c72301d3efe721d4fdd4a6ba297d4fdcb9d8c3a462416617869aca2
SSDEEP

3072:yrtmZ6C3Jv3gfE8ZbVmtSFelLCnCG3dZYbxubmt1:yrO3Jv3g89o8lOCGtebUb0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcb6de404560d6b16069a3b3c1b58b5a

Files

fcb6de404560d6b16069a3b3c1b58b5a
.exe windows:4 windows x86 arch:x86

08c3b7babaef756442d6ce35fe09abc5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
OpenMutexA
CreateMutexA
CreateProcessA
GetModuleFileNameA
SetCurrentDirectoryA
DeviceIoControl
GetProcAddress
VirtualAlloc
LoadLibraryA
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
WriteFile
VirtualFree
SetUnhandledExceptionFilter
HeapDestroy
GetFileType
HeapCreate
SetHandleCount
GetOEMCP
GetStdHandle
GetCPInfo
WideCharToMultiByte
GetACP
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
HeapSize
HeapReAlloc
HeapAlloc
CloseHandle
ExitProcess
HeapFree
GetVersion
GetModuleHandleA
RtlUnwind
GetCommandLineA
GetStartupInfoA

user32

GetClientRect
PostQuitMessage
GetDesktopWindow
SendMessageA
ShowWindow
CreateWindowExA
DefWindowProcA
GetMenu
DialogBoxParamA
InvalidateRect
SetWindowPlacement
EnableMenuItem
CheckMenuItem
MessageBoxA
SetWindowPos
UpdateWindow
TranslateMessage
LoadIconA
GetMessageA
DdeFreeDataHandle
DispatchMessageA
DdeClientTransaction
DdeCreateStringHandleA
DdeDisconnect
DdeFreeStringHandle
DdeInitializeA
DdeConnect
DdeUninitialize
LoadCursorA
DestroyWindow
UnregisterClassA
GetWindowRect
RegisterClassExA
GetDlgItem
MoveWindow
ScreenToClient
EndDialog
GetWindowPlacement

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

comctl32

ord17

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08c3b7babaef756442d6ce35fe09abc5

Headers

File Characteristics

Imports

kernel32

user32

advapi32

comctl32

Sections

.text Size: 23KB - Virtual size: 23KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 10KB - Virtual size: 11KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 92KB - Virtual size: 91KB

.text
Size: 23KB - Virtual size: 23KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 10KB - Virtual size: 11KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 92KB - Virtual size: 91KB