fc184274ad3908021e4c8ef28f35dc77447ed6457375d2a4e7b411955e042527

Sharing

Copy URL

Twitter E-mail

General

Target

fc184274ad3908021e4c8ef28f35dc77447ed6457375d2a4e7b411955e042527
Size

268KB
MD5

d3fdd9807a32f5c27c14879336762119
SHA1

73132972d130adb7106e6b9319b21856434eff65
SHA256

fc184274ad3908021e4c8ef28f35dc77447ed6457375d2a4e7b411955e042527
SHA512

87468ab4136f449cab6e3689b4460de6dc59421ad20ce8208e251b3e4ef63f4ac281288ec51a35469e2473328de8b45b487cd72f40ba72d304a44b89a99a7a80
SSDEEP

6144:IXJ6Mv/PMB5lZOx4ccuiA8HYVVo7bBPxwdNaLvo:KJf/kBrZOxfwAsYVVoZZwdNaE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc184274ad3908021e4c8ef28f35dc77447ed6457375d2a4e7b411955e042527

Files

fc184274ad3908021e4c8ef28f35dc77447ed6457375d2a4e7b411955e042527
.exe windows:5 windows x86 arch:x86

0007f1b6ac8d35411ce207643bd2505c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
lstrcpynW
WriteProfileStringW
WritePrivateProfileSectionW
WriteFile
WriteConsoleW
WaitForSingleObject
WaitForMultipleObjectsEx
WaitForMultipleObjects
UnhandledExceptionFilter
TerminateProcess
SystemTimeToFileTime
Sleep
SetVolumeLabelA
SetUnhandledExceptionFilter
SetThreadUILanguage
SetThreadContext
SetProcessShutdownParameters
SetMailslotInfo
SetLastError
SetHandleInformation
SetFileApisToOEM
SetEvent
ResetEvent
ReleaseSemaphore
ReleaseMutex
ReleaseActCtx
ReadFile
ReadConsoleInputA
RaiseException
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringW
MultiByteToWideChar
LockFile
LocalFree
LocalAlloc
LoadLibraryW
LoadLibraryA
LeaveCriticalSection
IsDebuggerPresent
InterlockedExchange
InterlockedCompareExchange
InitializeCriticalSection
HeapSetInformation
HeapAlloc
Heap32ListFirst
Heap32First
GlobalFlags
GetTickCount
GetTempFileNameW
GetSystemTimeAsFileTime
GetSystemPowerStatus
GetStartupInfoW
GetProcessHeap
GetProcAddress
GetNamedPipeHandleStateA
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameW
GetLocalTime
GetLastError
GetFileSizeEx
GetFileInformationByHandle
ActivateActCtx
GetFileAttributesW
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetComputerNameW
GetCommandLineW
GetACP
FreeLibrary
FormatMessageA
FlushFileBuffers
ExitProcess
EnumResourceLanguagesW
EnterCriticalSection
EncodePointer
DeleteFileW
DeleteCriticalSection
DecodePointer
DeactivateActCtx
CreateThread
CreateSemaphoreW
CreateFileW
CreateEventW
CreateDirectoryW
CreateConsoleScreenBuffer
CreateActCtxW
CloseHandle
HeapFree

user32

GetKeyboardType
GetClipboardViewer
GetKeyState
CopyIcon
GetMessagePos
InSendMessage
AnyPopup
IsGUIThread
CloseDesktop
GetSystemMetrics
GetCaretBlinkTime
GetDialogBaseUnits
GetOpenClipboardWindow
GetDesktopWindow
LoadCursorFromFileA
CountClipboardFormats
OpenIcon
IsMenu
LoadCursorFromFileW
IsWindowUnicode
GetQueueStatus
CharLowerA
GetClipboardSequenceNumber
GetShellWindow
CharNextW
GetWindowTextLengthA
IsIconic
VkKeyScanA
CloseClipboard
GetClipboardOwner
GetProcessWindowStation
PaintDesktop
GetDoubleClickTime
CreatePopupMenu
GetSysColor
IsWindow
IsClipboardFormatAvailable
IsCharUpperW
DestroyIcon
GetAsyncKeyState
GetWindowTextLengthW
IsCharAlphaA
IsCharAlphaNumericA
DestroyWindow
CharUpperA
GetMenuContextHelpId
wsprintfW
TranslateMessage
TranslateAcceleratorW
SetWindowContextHelpId
SetDoubleClickTime
RegisterClassW
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
MapVirtualKeyExA
LoadStringW
LoadCursorW
GetUserObjectInformationW
GetThreadDesktop
GetScrollInfo
GetMessageTime
GetMessageA
GetKeyboardLayoutNameW
GetDlgCtrlID
GetClassLongW
GetAltTabInfoW
EndDialog
DrawIconEx
DispatchMessageW
IsCharLowerW
GetInputState
DestroyCursor
LoadIconA
CharNextA
EndMenu
GetFocus
ShowCaret
DestroyMenu
GetDC
GetActiveWindow
IsCharLowerA
CreateMenu
IsWindowEnabled
OemKeyScan
CloseWindow
VkKeyScanW
IsCharAlphaW
GetWindowContextHelpId
CharLowerW
GetWindowDC
GetKeyboardLayout
CharUpperW
CreateWindowExW
DefWindowProcW
LoadIconW

gdi32

GdiEntry14
GdiFullscreenControl
GdiGetSpoolMessage
GetCharWidthI
GetCurrentPositionEx
GetDCOrgEx
GetEnhMetaFileDescriptionA
GetFontAssocStatus
GetMetaFileA
GetMetaFileBitsEx
GetRgnBox
GetStockObject
GetTextMetricsW
PathToRegion
PolyPolyline
PolyTextOutW
SelectPalette
SetDCPenColor
SetTextColor
XFORMOBJ_bApplyXform
bMakePathNameW
GetEnhMetaFileA
AbortDoc
GetLayout
GetPixelFormat
CloseFigure
DeleteDC
AddFontResourceA
GetGraphicsMode
DeleteObject
GetObjectType
GdiConvertRegion
WidenPath
BeginPath
SwapBuffers
GetPolyFillMode
GetBkMode
GetColorSpace
GetFontLanguageInfo
SaveDC
CreatePatternBrush
GdiGetBatchLimit
SetMetaRgn
DeleteColorSpace
UnrealizeObject
AbortPath
CreateCompatibleDC
CancelDC
StrokePath
RealizePalette
GetSystemPaletteUse
EndPath
FlattenPath
GetTextAlign
CreateMetaFileW
GetBkColor
UpdateColors
GetDCPenColor
GdiFlush
GetTextCharset
CreateMetaFileA
EngTextOut
EngCreateBitmap
EngCopyBits
EngAssociateSurface
EndFormPage
EndDoc
DescribePixelFormat
DeleteEnhMetaFile
CreateSolidBrush
CreateScalableFontResourceA
AddFontResourceW
CLIPOBJ_ppoGetPath
CloseEnhMetaFile
CopyEnhMetaFileA
CopyMetaFileW
CreateDCA
CreateEllipticRgnIndirect
CreateICA
CreateRoundRectRgn
FillPath

advapi32

TraceEvent
UnregisterTraceGuids
RegOpenKeyW
SetEntriesInAclW
RegisterTraceGuidsW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyW
RegCreateKeyExW
RegCloseKey
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
GetNamedSecurityInfoW
AllocateAndInitializeSid
SetNamedSecurityInfoW

shell32

DragFinish
DragQueryFileW
ExtractAssociatedIconW
ExtractIconExA
ExtractIconExW
ExtractIconW
SHBrowseForFolderW
SHChangeNotify
SHEmptyRecycleBinW
SHFileOperationA
SHFileOperationW
SHGetDesktopFolder
SHGetFileInfoA
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListA
SHGetPathFromIDListW
SHGetSpecialFolderLocation
ShellExecuteExW
ShellExecuteW
Shell_NotifyIconW
DragAcceptFiles

msvcrt

__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_controlfp
_except_handler3
_exit
_ftol
_initterm
_onexit
_wcmdln
exit
wcscat
wcscpy
wcslen
wcsncmp
__CxxFrameHandler
_XcptFilter
_EH_prolog
__dllonexit

imm32

ImmGetContext
ImmGetOpenStatus
ImmReleaseContext

Sections

.text
Size: 251KB - Virtual size: 251KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0007f1b6ac8d35411ce207643bd2505c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcrt

imm32

Sections

.text Size: 251KB - Virtual size: 251KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 1024B - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 1KB

.text
Size: 251KB - Virtual size: 251KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 1024B - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 1KB