60af5bdb761a77811c18053662fe4a79e7e45f395feff353b5cf988e68ad26cc

Sharing

Copy URL

Twitter E-mail

General

Target

60af5bdb761a77811c18053662fe4a79e7e45f395feff353b5cf988e68ad26cc
Size

6.5MB
MD5

2855c4a13bacd49c6a101fa5a9c0c74d
SHA1

2205a58bf0a56ca5fb2d2d0a8515e5f537279fbf
SHA256

60af5bdb761a77811c18053662fe4a79e7e45f395feff353b5cf988e68ad26cc
SHA512

3c1c14ff8807467708485e6fb3da477b84a4d61edc29a0edd07125f0b2c28eb15dfd3d7ea6c3c9b994e33ad1881b053b6cdd59cfff56ac96d8feff3cc3198a5d
SSDEEP

196608:0SGuvFO3ouGhOa7Q8w67krbhmlXb1wOWs:nPFwGhx57kmXb6OW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60af5bdb761a77811c18053662fe4a79e7e45f395feff353b5cf988e68ad26cc

Files

60af5bdb761a77811c18053662fe4a79e7e45f395feff353b5cf988e68ad26cc
.exe windows:4 windows x86 arch:x86

38d4216cde1707d9eae9c943c4af5fb1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\build_server\Firefox\googleclient\firefox\build\opt\obj\setup\setup_exe.pdb

Imports

kernel32

SizeofResource
LockResource
LoadResource
FindResourceA
FindResourceExA
GetProcAddress
LoadLibraryA
GetPrivateProfileStringA
RemoveDirectoryA
DeleteFileA
GetTempFileNameA
CreateDirectoryA
GetTempPathA
GetModuleFileNameA
LocalAlloc
DeleteCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
lstrcpyA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
CreateFileA
CloseHandle
ReadFile
SetFilePointer
GetACP
WriteFile
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
GetModuleHandleA
GetCurrentProcessId
GetTickCount
EnterCriticalSection
LeaveCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
ExitProcess
GetCommandLineA
GetSystemTimeAsFileTime
HeapCreate
VirtualFree
IsBadWritePtr
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
SetUnhandledExceptionFilter
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetOEMCP
GetCPInfo
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetFileSize
InterlockedExchange
FreeLibrary

shell32

SHFileOperationA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA

ole32

CoCreateGuid

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

38d4216cde1707d9eae9c943c4af5fb1

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

advapi32

ole32

Sections

.text Size: 58KB - Virtual size: 58KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 2KB - Virtual size: 8KB

.rsrc Size: 11KB - Virtual size: 10KB

.text
Size: 58KB - Virtual size: 58KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 2KB - Virtual size: 8KB

.rsrc
Size: 11KB - Virtual size: 10KB