Static task: static1
Behavioral task: behavioral1
Sample: fc2147ddd8613f08dd833b6966891de9e5309587a61e4b35408d56f43e72697e.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: fc2147ddd8613f08dd833b6966891de9e5309587a61e4b35408d56f43e72697e.exe
Resource: win10v2004-20240226-en
General
Target: fc2147ddd8613f08dd833b6966891de9e5309587a61e4b35408d56f43e72697e
Size: 109KB
MD5: 7e01d776a0eb044a11bf91f3a68ce6f5
SHA1: a121f00aba46b8c8db956756723f357e9eacb6cc
SHA256: fc2147ddd8613f08dd833b6966891de9e5309587a61e4b35408d56f43e72697e
SHA512: d97343ed6018c279c5a981db9603734cc18dba3f46ff4dfd0f5533833dc5f9ea773776cc8c9e82a2b1cdeccd7823f8c55b7e97fd2b2688efa7db87322327d7fd
SSDEEP: 3072:q9liUnwll+FNjqUdmpraToQ2G3o0IizXnS:q9liUnwn+FBqNIToQ2EofQC
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fc2147ddd8613f08dd833b6966891de9e5309587a61e4b35408d56f43e72697e
Files
fc2147ddd8613f08dd833b6966891de9e5309587a61e4b35408d56f43e72697e.exe windows:5 windows x64 arch:x64
d23c0224a9f9744ca58448f8cb615690
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
LocalReAlloc
CreateProcessA
TerminateProcess
FileTimeToSystemTime
ReadFile
GetModuleFileNameW
GetSystemDirectoryA
MultiByteToWideChar
GetFileSizeEx
GetStartupInfoA
FindFirstFileA
GetLastError
GetProcAddress
RemoveDirectoryA
CopyFileA
GetExitCodeProcess
LoadLibraryA
LocalAlloc
MoveFileA
CreateEventW
WaitForMultipleObjects
CreatePipe
GetModuleFileNameA
FindNextFileA
WTSGetActiveConsoleSessionId
CloseHandle
FileTimeToLocalFileTime
LocalFree
DeleteFileA
LocalFileTimeToFileTime
Sleep
WideCharToMultiByte
WriteFile
SetFileTime
FormatMessageA
GetLogicalDrives
SetEvent
GetCurrentProcess
SystemTimeToFileTime
FreeLibrary
PeekNamedPipe
CreateFileA
GetComputerNameA
FindClose
GetSystemDefaultLangID
RaiseException
CreateFileW
FlushFileBuffers
HeapSize
WriteConsoleW
SetStdHandle
LoadLibraryW
GetConsoleMode
GetConsoleCP
SetFilePointer
RtlPcToFileHeader
GetStringTypeW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
HeapFree
HeapAlloc
GetFileAttributesA
HeapReAlloc
GetCommandLineW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
FlsGetValue
FlsSetValue
FlsFree
SetLastError
GetCurrentThreadId
FlsAlloc
DecodePointer
HeapSetInformation
GetVersion
HeapCreate
GetModuleHandleW
ExitProcess
GetStdHandle
LCMapStringW
RtlUnwindEx
EnterCriticalSection
LeaveCriticalSection
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
advapi32
CryptDestroyKey
CryptEncrypt
SetServiceStatus
CryptImportKey
DuplicateTokenEx
SetTokenInformation
CreateProcessAsUserW
CryptReleaseContext
RegisterServiceCtrlHandlerA
CryptSetKeyParam
CryptAcquireContextW
StartServiceCtrlDispatcherA
OpenProcessToken
CryptDecrypt
shell32
SHCreateDirectoryExA
ole32
CoInitialize
ws2_32
gethostbyname
WSACleanup
WSAStartup
htonl
wininet
HttpAddRequestHeadersA
HttpOpenRequestW
InternetSetOptionW
InternetCloseHandle
InternetReadFile
InternetCrackUrlW
InternetQueryDataAvailable
InternetQueryOptionW
InternetOpenW
HttpSendRequestW
InternetConnectW
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
Sections
.text Size: 74KB - Virtual size: 74KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 22KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ