9de36e941f45c9f592d86e19a0ea9c10

Sharing

Copy URL Twitter E-mail

General

Target

9de36e941f45c9f592d86e19a0ea9c10
Size

188KB
MD5

9de36e941f45c9f592d86e19a0ea9c10
SHA1

3507f016be7da9a4d05469e59ac5480b20ae19d1
SHA256

132e72b18c02e5647076857b98e132448b55d506c04d3c36fff8d133fb449396
SHA512

bd2777d65475b8b2df95c67a38d89d833515f431952b454663e162f8810dca46bce8f61d5fb370715d3caa48704db3b4c5beaef812b64eb7f192553b02cc371b
SSDEEP

3072:TbscW/SuMpRm6Buox9FKRszTEVkaRnHS6fWqkqH5P+5YXa88G3ObE6u37ySjfx+o:UpSjK6B7SWvEVjRH7kqZP+5wa88G3OA/

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/171_FatalAim_CSS_RE/FatalAim CSS RELEASE E/FatalAim CSS Release E.dll
unpack001/171_FatalAim_CSS_RE/FatalAim CSS RELEASE E/FatalAim CSS Release E.exe

Files

9de36e941f45c9f592d86e19a0ea9c10
.rar
171_FatalAim_CSS_RE/FatalAim CSS RELEASE E/FatalAim CSS Release E.dll
.dll windows:4 windows x86 arch:x86

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

Exports

Exports

CreateInterface

Sections

Size: 100KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 21KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 11KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
171_FatalAim_CSS_RE/FatalAim CSS RELEASE E/FatalAim CSS Release E.exe
.exe windows:4 windows x86 arch:x86

5099413ffe76c313622508fe829f86d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
VirtualFreeEx
WaitForSingleObject
CreateRemoteThread
GetProcAddress
WriteProcessMemory
VirtualAllocEx
OpenProcess
lstrlenW
lstrlenA
GetCurrentProcess
ExitProcess
CreateThread
CreateMutexA
VirtualProtect
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
ReadFile
SetEndOfFile
SetFilePointer
Sleep
GetModuleHandleA
GetLastError
GetModuleFileNameA
TerminateProcess
GetStartupInfoA
GetCommandLineA
GetVersionExA
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
InterlockedExchange
VirtualQuery
WriteFile
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapAlloc
VirtualAlloc
HeapReAlloc
SetStdHandle
FlushFileBuffers
CreateFileA
HeapSize
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
GetSystemInfo

user32

CreateDialogParamA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfW
FindWindowA
GetWindowThreadProcessId

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 384KB - Virtual size: 381KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
171_FatalAim_CSS_RE/FatalAim CSS RELEASE E/Font.ttf
171_FatalAim_CSS_RE/FatalAim CSS RELEASE E/README.txt
171_FatalAim_CSS_RE/FatalAim CSS RELEASE E/Settings.ini
171_FatalAim_CSS_RE/FatalAim CSS RELEASE E/ВНИМАНИЕ!!!!.txt
171_FatalAim_CSS_RE/FatalAim CSS RELEASE E/Всё для ваших онлайн игр, и не только....url
171_FatalAim_CSS_RE/ВНИМАНИЕ!!!!.txt
171_FatalAim_CSS_RE/Всё для ваших онлайн игр, и не только....url

Sharing

General

Malware Config

Signatures

Files

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

Size: 100KB - Virtual size: 212KB

Size: 21KB - Virtual size: 44KB

Size: 4KB - Virtual size: 1.1MB

Size: 11KB - Virtual size: 24KB

Size: 8KB - Virtual size: 12KB

5099413ffe76c313622508fe829f86d7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 384KB - Virtual size: 381KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 384KB - Virtual size: 381KB