fa8ae4c40dbf7a8a1f373f752f60ac69649985ef09b380fe8ac476041e138c0a

Sharing

Copy URL Twitter E-mail

General

Target

fa8ae4c40dbf7a8a1f373f752f60ac69649985ef09b380fe8ac476041e138c0a
Size

3.4MB
MD5

659df75e1adbca00f07f3f40b23e4de0
SHA1

e58c22a51af535bf1d1f2f0760d69554093c8b6c
SHA256

fa8ae4c40dbf7a8a1f373f752f60ac69649985ef09b380fe8ac476041e138c0a
SHA512

af34849dde9f6b3fa86fce947affb1eaed8e680c2476979a50d5a8aa5325f3938a6b0a4216dde58e6b318c39807522e28e5ffcecf3a8f794a1a567b2708daee4
SSDEEP

49152:3VeS+Jg1gVygo+fjasTjb/H3mAzzb7y+HXsl9J8vLEdT2KJPshVR8rF8kv:FeR1Tjb/H3dHfw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa8ae4c40dbf7a8a1f373f752f60ac69649985ef09b380fe8ac476041e138c0a

Files

fa8ae4c40dbf7a8a1f373f752f60ac69649985ef09b380fe8ac476041e138c0a
.exe windows:4 windows x64 arch:x64

ef2f3f9eb1a26698ebf30430a48f60e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libcurl-4

curl_easy_cleanup
curl_easy_getinfo
curl_easy_init
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_global_init
curl_slist_append
curl_slist_free_all
curl_version

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FillConsoleOutputCharacterA
FreeConsole
FreeLibrary
GetConsoleScreenBufferInfo
GetConsoleWindow
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
GetTimeZoneInformation
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
ReleaseSemaphore
ResetEvent
ResumeThread
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleCtrlHandler
SetConsoleTextAttribute
SetEvent
SetLastError
SetPriorityClass
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WriteConsoleW

msvcrt

__C_specific_handler
__argv
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_aligned_free
_aligned_malloc
_amsg_exit
_assert
_atoi64
_beginthreadex
_cexit
_difftime64
_endthreadex
_errno
_fileno
_fmode
_ftime64
_initterm
_isatty
_localtime64
_onexit
_setjmp
_snprintf
_stat64
_stricmp
_strnicmp
_time64
_vscprintf
_vsnprintf
_wfopen
abort
atof
atoi
calloc
exit
fclose
fflush
fgetc
fopen
fprintf
fputc
fputs
fread
free
fseek
ftell
fwrite
getenv
isalpha
islower
isspace
isupper
localeconv
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
putchar
qsort
raise
rand
realloc
setlocale
signal
sprintf
sscanf
strcat
strchr
strcmp
strcpy
strerror
strlen
strncat
strncmp
strncpy
strrchr
strspn
strstr
strtok
strtol
strtoul
toupper
vfprintf
wcstombs
longjmp
_strdup

user32

ShowWindow

ws2_32

WSAIoctl
accept
bind
closesocket
htonl
htons
inet_addr
inet_ntoa
listen
recv
select
send
socket

libgcc_s_seh-1

__emutls_get_address
__fixunsxfti
__floatuntixf

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 427KB - Virtual size: 427KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1008KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ef2f3f9eb1a26698ebf30430a48f60e3

Headers

File Characteristics

Imports

libcurl-4

kernel32

msvcrt

user32

ws2_32

libgcc_s_seh-1

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.data Size: 3KB - Virtual size: 3KB

.rdata Size: 427KB - Virtual size: 427KB

.pdata Size: 25KB - Virtual size: 25KB

.xdata Size: 33KB - Virtual size: 32KB

.bss Size: - Virtual size: 1008KB

.idata Size: 7KB - Virtual size: 6KB

.CRT Size: 512B - Virtual size: 120B

.tls Size: 512B - Virtual size: 16B

.text
Size: 2.9MB - Virtual size: 2.9MB

.data
Size: 3KB - Virtual size: 3KB

.rdata
Size: 427KB - Virtual size: 427KB

.pdata
Size: 25KB - Virtual size: 25KB

.xdata
Size: 33KB - Virtual size: 32KB

.bss
Size: - Virtual size: 1008KB

.idata
Size: 7KB - Virtual size: 6KB

.CRT
Size: 512B - Virtual size: 120B

.tls
Size: 512B - Virtual size: 16B