fe6148e8f8f5c950763093085c066ac5

Sharing

Copy URL Twitter E-mail

General

Target

fe6148e8f8f5c950763093085c066ac5
Size

467KB
MD5

fe6148e8f8f5c950763093085c066ac5
SHA1

4f9f429ae5dfb619f14652e67edad42c4145824b
SHA256

cb5d63c4f0858966745e737acc13d10cc8ca70bc43b909015c475f7799c770a3
SHA512

489810fb2e14129f61ce82e85ea77f3f331d5bdd5460741dfd48dbd3dc237696a2a32f3ec3cb638165407a0f615ed9b10669bbb941a0942cc15b38b304ff4d12
SSDEEP

12288:HtmSkMV5apnX9D6IMpFyJEBhqKD82a+FjMDjcL:HAND6IjEiKD9L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe6148e8f8f5c950763093085c066ac5

Files

fe6148e8f8f5c950763093085c066ac5
.exe windows:4 windows x86 arch:x86

93b2993dce01693ede8b48e52928481d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

FtpFindFirstFileW
InternetGetLastResponseInfoW
FtpSetCurrentDirectoryW
ShowSecurityInfo
UnlockUrlCacheEntryFileW
InternetCrackUrlA
SetUrlCacheEntryGroupA
InternetTimeFromSystemTime
InternetOpenUrlW
FindFirstUrlCacheEntryExA
GetUrlCacheConfigInfoA
InternetSetOptionW
FtpGetFileEx
InternetCheckConnectionW
InternetCanonicalizeUrlW
InternetSetFilePointer
HttpOpenRequestW
InternetCloseHandle
SetUrlCacheConfigInfoA
HttpSendRequestExW
InternetTimeToSystemTimeA
FreeUrlCacheSpaceA
FtpGetFileSize

shell32

SHUpdateRecycleBinIcon
SheChangeDirA
SHQueryRecycleBinW
SHGetPathFromIDListW
ShellAboutW
SheGetDirA
SHAppBarMessage

gdi32

FixBrushOrgEx
CreateScalableFontResourceW
CopyEnhMetaFileW
Rectangle
CreateEnhMetaFileW
GetLogColorSpaceA
SetPolyFillMode
GetClipBox
CreatePolygonRgn
EnumEnhMetaFile
TranslateCharsetInfo
DeleteObject

user32

ValidateRgn
ModifyMenuW
DestroyAcceleratorTable
RemovePropA
SetCursorPos
ChangeDisplaySettingsA
DispatchMessageA
GetClipboardData
CharLowerBuffW
DrawAnimatedRects
CloseDesktop
SetWindowTextW
UnregisterDeviceNotification
LoadBitmapW
MonitorFromPoint
GetMonitorInfoW
LookupIconIdFromDirectory
WaitMessage
GetClassNameW
MessageBeep
DdeConnect
DrawStateW

kernel32

GetModuleHandleA
GetLocaleInfoA
GetDateFormatA
TlsSetValue
UnhandledExceptionFilter
RtlUnwind
GetTimeFormatA
FreeEnvironmentStringsW
SetHandleCount
GetCurrentThreadId
GetProcAddress
HeapDestroy
CompareStringW
GetVersionExA
HeapSize
GetStartupInfoA
lstrlenW
GetEnvironmentStringsW
GetCurrentProcess
InterlockedExchange
GetStringTypeA
InterlockedIncrement
lstrcpyA
WideCharToMultiByte
OpenSemaphoreA
LCMapStringW
TlsGetValue
EnumDateFormatsExW
WriteFile
TlsAlloc
EnterCriticalSection
ExitProcess
HeapAlloc
SetEvent
FreeLibrary
InterlockedDecrement
GetCurrentProcessId
GetCurrentThread
GetProfileIntW
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetLocaleInfoW
LeaveCriticalSection
GetCommandLineA
GetStringTypeW
MultiByteToWideChar
EnumSystemLocalesA
LCMapStringA
TerminateProcess
InitializeCriticalSection
GetEnvironmentStrings
GetUserDefaultLCID
TlsFree
GetLastError
GetStdHandle
VirtualQuery
LoadLibraryA
DeleteCriticalSection
GetOEMCP
GetProcessHeap
IsDebuggerPresent
HeapCreate
HeapReAlloc
FreeEnvironmentStringsA
SetEnvironmentVariableA
WritePrivateProfileStructA
VirtualFree
AddAtomA
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
HeapFree
SetLastError
ExpandEnvironmentStringsA
GetTickCount
GetModuleFileNameA
GetTimeZoneInformation
IsValidLocale
lstrcatA
GetCPInfo
Sleep
VirtualProtectEx
IsValidCodePage
CompareStringA
VirtualAlloc
GetACP
GetFileType

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 314KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93b2993dce01693ede8b48e52928481d

Headers

File Characteristics

Imports

wininet

shell32

gdi32

user32

kernel32

Sections

.text Size: 141KB - Virtual size: 141KB

.data Size: 314KB - Virtual size: 313KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 141KB - Virtual size: 141KB

.data
Size: 314KB - Virtual size: 313KB

.rsrc
Size: 10KB - Virtual size: 10KB