c5398e6d2a8eec8d2d51a5a12e5ce0cf

Sharing

Copy URL Twitter E-mail

General

Target

c5398e6d2a8eec8d2d51a5a12e5ce0cf
Size

82KB
MD5

c5398e6d2a8eec8d2d51a5a12e5ce0cf
SHA1

769443015d68c5137f3f2b94c5ebdee35e92003c
SHA256

f8ee7ba51bd1e1b460e276b73976a55794b3afce3911334b3f45d33a1321eddb
SHA512

59ca122d6026abc11a28d1c1cc97ddb201d5071301ccfb7faea6b731f155810a9ff42a88e05ccde137ceddb1650027af047bc797f1d7801aa7cf38f7d49facdd
SSDEEP

1536:tI1Ogtn5AjCoJ9QH8K3vRDx6SeSyREasX2mB/KDZ8zjbF18k3kNpHhDdf:k5nyx9Qc4vlx6yykB/Kt8zjhiBF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/flechettes28.exe

Files

c5398e6d2a8eec8d2d51a5a12e5ce0cf
.zip
flechettes28.exe
.exe windows:4 windows x86 arch:x86

db516c9b7a25108e73aaa86667a3afd0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
PlaySoundA

kernel32

QueryPerformanceCounter
GetModuleHandleA
GetVersion
QueryPerformanceFrequency
LCMapStringW
GetProcAddress
LCMapStringA
GetStringTypeA
GetOEMCP
GetACP
LoadLibraryA
HeapReAlloc
GetCPInfo
WriteFile
RtlUnwind
VirtualAlloc
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
SetHandleCount
GetFileType
GetEnvironmentStrings
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
FreeEnvironmentStringsW
GetCurrentProcess
TerminateProcess
UnhandledExceptionFilter
HeapFree
ExitProcess
MultiByteToWideChar
HeapAlloc
GetStringTypeW
GetStartupInfoA
GetCommandLineA

user32

SetCapture
GetParent
DestroyWindow
CreateWindowExA
GetKeyboardType
LoadIconA
GetSystemMetrics
MoveWindow
GetWindowLongA
EndDialog
LoadImageA
DialogBoxParamA
DefWindowProcA
SetWindowLongA
RegisterClassA
UpdateWindow
RegisterClassExA
EndPaint
GetDC
BeginPaint
SetForegroundWindow
EnableMenuItem
IsIconic
GetMessageA
GetDesktopWindow
PeekMessageA
LoadMenuA
TranslateMessage
DispatchMessageA
DestroyMenu
GetSubMenu
CheckMenuItem
FindWindowA
TrackPopupMenu
SendMessageA
SetWindowPos
GetWindowRect
InvalidateRect
ShowWindow
ReleaseCapture
SetWindowRgn
LoadCursorA
PostQuitMessage

gdi32

CreateCompatibleBitmap
DeleteObject
GetStockObject
DeleteDC
BitBlt
GetObjectA
CombineRgn
CreateEllipticRgn
CreateCompatibleDC
SelectObject
CreatePolygonRgn

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 368KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

db516c9b7a25108e73aaa86667a3afd0

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

Sections

.text Size: 28KB - Virtual size: 26KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 368KB - Virtual size: 366KB

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 368KB - Virtual size: 366KB