ff8cc35adb59b813d795a76f0f49fbff

General

Target

ff8cc35adb59b813d795a76f0f49fbff
Size

40KB
MD5

ff8cc35adb59b813d795a76f0f49fbff
SHA1

faf5c8c5f15f0f0bf5e28cf7497c36c9b96e18e4
SHA256

7dd377bf6cc5ca78f4bd816217ac16bade85cb450311160ad5c90afd0f719d09
SHA512

8a4ba6cda336594d9ac505488f50770d453ddefeda36bb22984a19a1a0a1ff6ce9e3dd4ffba879632245d9b0ee5244c5ec629b4f5c9a5a7419a22fa4b289a92f
SSDEEP

384:2BqJB2wI2W5ZqN0yqRc5Wdh0DS4mlZAjWeufkK1CyXqmKvw2u13oHRfrgQbjp:2MWZqNQTh0cjs5+jKvm13oHRDgq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff8cc35adb59b813d795a76f0f49fbff

Files

ff8cc35adb59b813d795a76f0f49fbff
.exe windows:4 windows x86 arch:x86

febfb632a80d61a20046862a0ab9f8d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetSystemDirectoryA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetEndOfFile
LoadLibraryA
GetProcAddress
WinExec
GetACP
GetCPInfo
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
RtlUnwind
VirtualFree
HeapCreate
HeapDestroy
CreateToolhelp32Snapshot
Process32First
Process32Next
CreateFileA
WriteFile
GetOEMCP
CloseHandle
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
GetFileAttributesA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
HeapFree
GetLastError
TerminateProcess
GetCurrentProcess
SetFilePointer
ReadFile
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

user32

DialogBoxParamA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
EndDialog
KillTimer
PostQuitMessage
SetTimer
BeginPaint
DefWindowProcA
DestroyWindow
DispatchMessageA
CreateWindowExA
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
LoadStringA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegCloseKey
RegOpenKeyA

wininet

InternetQueryDataAvailable
InternetCloseHandle
InternetOpenUrlA
InternetOpenA
InternetReadFile

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

febfb632a80d61a20046862a0ab9f8d7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

wininet

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 4KB - Virtual size: 2KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 4KB - Virtual size: 2KB