fbab369f353e1235f98a28cb4488a989a72f51370da2f690c8ede0025fbeeaca

Sharing

Copy URL

Twitter E-mail

General

Target

fbab369f353e1235f98a28cb4488a989a72f51370da2f690c8ede0025fbeeaca
Size

617KB
MD5

97aa788eb792c6744d026b84903d9763
SHA1

c7fdc08de9a636bea9d0aeb7e0aa759f684aa6d5
SHA256

fbab369f353e1235f98a28cb4488a989a72f51370da2f690c8ede0025fbeeaca
SHA512

dad57f74e5d5270edf4b4dcf2bf998c07c341d4cbe8e25f15ab49e46ed0fbef5dc21e4f6c9a1eb001f99000ed4e58d6a90e8351db3bbff317ec4ad4c570c3374
SSDEEP

12288:/oHL4gZWLqhk1Rbw0rSa4h957QK/JtwYhvdYhvLZi:YwqARbwndQGtwuVuj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbab369f353e1235f98a28cb4488a989a72f51370da2f690c8ede0025fbeeaca

Files

fbab369f353e1235f98a28cb4488a989a72f51370da2f690c8ede0025fbeeaca
.exe windows:5 windows x86 arch:x86

6febbb65ea7052c669ef35f010b25352

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsW
SHDeleteKeyW
PathIsRelativeW

kernel32

DosDateTimeToFileTime
SystemTimeToFileTime
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
SetFilePointerEx
GetConsoleCP
FlushFileBuffers
ReadConsoleW
GetConsoleMode
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
GetCommandLineW
GetCommandLineA
LoadLibraryExW
GetFileType
DuplicateHandle
OutputDebugStringW
GetCPInfo
GetStringTypeW
LCMapStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
MulDiv
ReadFile
GetFileSize
WriteFile
SetFileTime
RtlUnwind
SetFilePointer
CreateFileW
FreeResource
GetACP
LoadLibraryW
GetTickCount
CopyFileW
CreateThread
DeleteFileW
GetModuleHandleW
ExitProcess
GetProcAddress
GetCurrentDirectoryW
FindResourceW
LoadResource
FindResourceExW
LockResource
GetCurrentThread
MultiByteToWideChar
SetThreadPriority
TerminateProcess
GetCurrentProcess
SetPriorityClass
SizeofResource
SetEndOfFile
CreateDirectoryW
WideCharToMultiByte
GetLocalTime
GetTempPathW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
CloseHandle
HeapReAlloc
GetLastError
HeapSize
CreateMutexW
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
HeapFree
SetStdHandle
WriteConsoleW
FreeLibrary

user32

HideCaret
SetRect
FillRect
ShowCaret
CharPrevW
GetWindowRgn
MoveWindow
SetWindowRgn
GetCaretPos
ClientToScreen
GetSysColor
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
CreateAcceleratorTableW
InvalidateRgn
DrawTextW
MessageBoxW
IsZoomed
GetMonitorInfoW
MonitorFromWindow
GetPropW
SetPropW
PostQuitMessage
KillTimer
SetTimer
ShowWindow
GetMessageW
TranslateMessage
DispatchMessageW
SendMessageW
PostMessageW
CreateWindowExW
IsWindow
DestroyWindow
UpdateLayeredWindow
SetWindowPos
IsIconic
SetFocus
GetFocus
GetKeyState
SetCapture
ReleaseCapture
GetDC
ReleaseDC
BeginPaint
EndPaint
GetUpdateRect
EnableWindow
GetClassInfoExW
RegisterClassExW
RegisterClassW
CallWindowProcW
DefWindowProcW
LoadCursorW
OffsetRect
SetCursor
CharNextW
GetWindow
GetParent
SetWindowLongW
GetWindowLongW
PtInRect
IsRectEmpty
UnionRect
IntersectRect
ScreenToClient
SetCaretPos
GetCaretBlinkTime
CreateCaret
GetCursorPos
GetWindowRect
GetClientRect
InvalidateRect

gdi32

CombineRgn
PtInRegion
CreateRectRgn
CreateRoundRectRgn
GetObjectW
CreateDIBSection
GetTextMetricsW
SelectObject
CreatePenIndirect
GetStockObject
DeleteObject
DeleteDC
CreatePen
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
CreateRectRgnIndirect
CreateSolidBrush
GetCharABCWidthsW
GetClipBox
GetTextExtentPoint32W
LineTo
Rectangle
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
StretchBlt
SetStretchBltMode
SetTextColor
MoveToEx
TextOutW
GetDeviceCaps
RestoreDC
SaveDC

advapi32

ChangeServiceConfigW
QueryServiceStatus
UnlockServiceDatabase
CloseServiceHandle
OpenSCManagerW
LockServiceDatabase
DeleteService
ControlService
RegQueryValueExW
OpenServiceW
RegCloseKey
RegOpenKeyExW

shell32

SHGetSpecialFolderPathW
ShellExecuteW
SHFileOperationW
SHChangeNotify
ShellExecuteExW

ole32

CoUninitialize
CoInitialize
CLSIDFromProgID
OleLockRunning
CoCreateInstance
CLSIDFromString

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

comctl32

ord17
_TrackMouseEvent

gdiplus

GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromDC
GdipFillRectangleI
GdipSetInterpolationMode
GdipSetStringFormatAlign
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipSetTextRenderingHint

Sections

.text
Size: 331KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6febbb65ea7052c669ef35f010b25352

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

gdi32

advapi32

shell32

ole32

imm32

comctl32

gdiplus

Sections

.text Size: 331KB - Virtual size: 330KB

.rdata Size: 97KB - Virtual size: 96KB

.data Size: 6KB - Virtual size: 11KB

.tls Size: 512B - Virtual size: 9B

.gfids Size: 512B - Virtual size: 344B

.rsrc Size: 162KB - Virtual size: 162KB

.reloc Size: 19KB - Virtual size: 18KB

.text
Size: 331KB - Virtual size: 330KB

.rdata
Size: 97KB - Virtual size: 96KB

.data
Size: 6KB - Virtual size: 11KB

.tls
Size: 512B - Virtual size: 9B

.gfids
Size: 512B - Virtual size: 344B

.rsrc
Size: 162KB - Virtual size: 162KB

.reloc
Size: 19KB - Virtual size: 18KB