fcefe35409abcdfa14d2f454105260cb

Sharing

Copy URL

Twitter E-mail

General

Target

fcefe35409abcdfa14d2f454105260cb
Size

1.1MB
MD5

fcefe35409abcdfa14d2f454105260cb
SHA1

1f53f01a5c2af90fa48409c3516f69f0b184c54b
SHA256

e039963ba165745f9f2610d92a53b96486416c1f84b34063551909813f0ea96a
SHA512

06b315c4cb6cd75e17b80c61ce8ae36dfff924f7f6e74d2fce921eb0a628e00072a7feb061fdd3d1056404fb8a2a0d9a32a629f0227700695c38c35b1a2e43a3
SSDEEP

24576:OAbjb9AEhTev+swfVbbUC9ZVl3u9RJ1tv+K:OoP9AEhTA+swfVbbUCtWL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcefe35409abcdfa14d2f454105260cb

Files

fcefe35409abcdfa14d2f454105260cb
.exe windows:4 windows x86 arch:x86

9a6042d60c8e65b12550316688823bf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
GlobalAlloc
LocalAlloc
GetPrivateProfileIntA
WritePrivateProfileStringA
GetModuleHandleA
FindResourceA
LoadResource
LockResource
GlobalHandle
FreeResource
GlobalLock
GlobalUnlock
CloseHandle
SetStdHandle
LoadLibraryA
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetFileType
SetHandleCount
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
RtlUnwind
GetCurrentProcess
TerminateProcess
ExitProcess
GetStringTypeW
FlushFileBuffers
GlobalFree
GetStringTypeA
LCMapStringW
WideCharToMultiByte
LCMapStringA
MultiByteToWideChar
GetVersion
GetLastError
SetFilePointer
GetCommandLineA
HeapAlloc
VirtualAlloc
HeapFree
GetProcAddress
GetStartupInfoA

user32

GetWindowRect
ShowWindow
UpdateWindow
MoveWindow
ClipCursor
SetMenu
DispatchMessageA
PostQuitMessage
LoadIconA
CreateWindowExA
RegisterClassA
GetMenu
GetSystemMetrics
LoadMenuA
ShowCursor
CheckMenuItem
ReleaseDC
GetDC
EndPaint
BeginPaint
DefWindowProcA
wsprintfA
LoadCursorA
DestroyCursor
SetCursor
WinHelpA
DialogBoxParamA
GetFocus
GetDlgItemTextA
SetDlgItemTextA
EndDialog
FindWindowA
SetWindowPos
BringWindowToTop
PeekMessageA
GetMessageA
TranslateMessage
GetSystemMenu
DestroyMenu
MessageBoxA

ddraw

DirectDrawCreate

gdi32

DeleteDC
DeleteObject
SelectObject
StretchBlt
RealizePalette
SelectPalette
CreateDIBSection
CreateCompatibleDC
BitBlt
CreatePalette
SetStretchBltMode
GetSystemPaletteEntries
PatBlt

winmm

timeGetTime
joyGetNumDevs
joyGetPos
joyReleaseCapture
joySetCapture
joySetThreshold
joyGetDevCapsA

dsound

DirectSoundCreate

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1000KB - Virtual size: 1000KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9a6042d60c8e65b12550316688823bf8

Headers

File Characteristics

Imports

kernel32

user32

ddraw

gdi32

winmm

dsound

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 9KB - Virtual size: 1.1MB

.idata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1000KB - Virtual size: 1000KB

.reloc Size: 11KB - Virtual size: 22KB

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 9KB - Virtual size: 1.1MB

.idata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1000KB - Virtual size: 1000KB

.reloc
Size: 11KB - Virtual size: 22KB