fdf9486d0f59f41ea8ff9babe3c4942b

Sharing

Copy URL Twitter E-mail

General

Target

fdf9486d0f59f41ea8ff9babe3c4942b
Size

484KB
MD5

fdf9486d0f59f41ea8ff9babe3c4942b
SHA1

ed71c1867bf2f3db09cdd79fe85d352886799ff7
SHA256

e4b079e85802bacd7f8d93c803979590085fc25d7e940f1874172c8c19f72ade
SHA512

aea0f497d63824fa402f9621510caf58be43a62ef8cd8d41cf319b51598e034aa678cf71de6952b3ad57c078419ba1dc7cdf468a9884f2280b464fe15600abbd
SSDEEP

12288:Hoql/5vx7vgjSoGu/ed9rxq48P1odvXmBYVn5CaiZvD:HoqlxvxNVZDdsmCa8D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdf9486d0f59f41ea8ff9babe3c4942b

Files

fdf9486d0f59f41ea8ff9babe3c4942b
.exe windows:4 windows x86 arch:x86

784ece21483c57b7e01a82e2a9ced5bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
VirtualFree
UnmapViewOfFile
GetCurrentThreadId
GetACP
ReadFile
SetFilePointer
TlsFree
GetCommandLineA
HeapSize
LockResource
GetCurrentProcessId
GetEnvironmentStrings
GlobalUnlock
GetEnvironmentStringsW
LCMapStringA
GlobalFree
LCMapStringW
InterlockedIncrement
GetFileType
GlobalLock
CreateFileMappingA
ResetEvent
FindFirstFileA
GetProcessHeap
WaitForMultipleObjects
DeleteFileA
VirtualProtect
GetTickCount
QueryPerformanceCounter
FreeLibrary
HeapFree
GetVersion
SetEndOfFile
TerminateProcess
SetUnhandledExceptionFilter
CreateThread
TlsGetValue
UnhandledExceptionFilter
GetModuleFileNameA
IsDebuggerPresent
GetModuleFileNameW
SetLastError
FormatMessageA
InterlockedDecrement
LoadResource
InitializeCriticalSection
SetEvent
GetStringTypeW
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
WideCharToMultiByte
FreeEnvironmentStringsW
GetLocaleInfoA
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
HeapDestroy
GetFileAttributesA
GetStdHandle
HeapAlloc
VirtualAlloc
ExitProcess
lstrlenA
GetModuleHandleA
GetStartupInfoA
GetProcAddress
SetHandleCount
TlsSetValue
TlsAlloc
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapCreate
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
GetCPInfo
GetOEMCP
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
GetStringTypeA

user32

GetClientRect
SendMessageA
InvalidateRect
DialogBoxParamA
MessageBoxA
EndDialog
GetDesktopWindow
LoadIconA
LoadCursorA
ScreenToClient
GetDlgItem
SetTimer
SetWindowTextA
SetWindowLongA
PostMessageA
BeginPaint
SetFocus
FillRect
CreateWindowExA
LoadStringA
GetWindow
IsWindowEnabled
TranslateMessage
DefWindowProcA
ReleaseDC
GetDC
DispatchMessageA
PostQuitMessage

Sections

.text
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 444KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

784ece21483c57b7e01a82e2a9ced5bf

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 32KB - Virtual size: 28KB

.data Size: 444KB - Virtual size: 442KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 32KB - Virtual size: 28KB

.data
Size: 444KB - Virtual size: 442KB

.rsrc
Size: 4KB - Virtual size: 1KB