fcf6ec6e02c95c7f3ef97d0782b20838 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fcf6ec6e02c95c7f3ef97d0782b20838
Size

256KB
MD5

fcf6ec6e02c95c7f3ef97d0782b20838
SHA1

3b36460108e7bade36faac26a96d5830900cc49b
SHA256

78654c1b31ac1904c02a17577caaf60e785bd21d99571f66e997748acd13c3e8
SHA512

ce1b85463f69f92868b3499648e007808f8b331335aabbec3c830f7e25d4257edc4179a69d51b02eee10a6d344da64d999cbe6ccda584ac0895c5d1748960dff
SSDEEP

6144:oq4GKW53QeDfZHD1kdDtjpIZ++dq8FvC+Ehe:oYKcQeDRHxcFnR88+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fcf6ec6e02c95c7f3ef97d0782b20838

Files

fcf6ec6e02c95c7f3ef97d0782b20838
.exe windows:4 windows x86 arch:x86

3fd9825781329f9a819f79f1086be4d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcessHeap
FreeLibrary
GetModuleHandleA
GetStdHandle
GetSystemDirectoryA
GetLastError
ExitProcess
GetWindowsDirectoryA
GetSystemDefaultLangID
ExitProcess
WaitForSingleObject
CompareStringA
CloseHandle
GetModuleFileNameA
LoadLibraryA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

user32

SetRect
EnumWindowStationsA
IsIconic
SetForegroundWindow
GetLastActivePopup
GetWindowRect
ShowWindow
GetClientRect

Sections

.text
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.strings
Size: 5KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ