1b4f3de156d68f74d441e1a107e391eaf1271d4539966e3bbac710bc1c9910e0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

1b4f3de156d68f74d441e1a107e391eaf1271d4539966e3bbac710bc1c9910e0.exe
Size

411KB
MD5

82a86ccdb123dffbf359d373340e3330
SHA1

095e7bb83b0334782c38acf1734df5d7d14d9ea0
SHA256

1b4f3de156d68f74d441e1a107e391eaf1271d4539966e3bbac710bc1c9910e0
SHA512

878ce8f303b2bc18f825c63df7d8b58b957934770002e74763d7afedc2abe4a1f545e1a43aa7c9ba0f9929100d597434cbc59004c42b8954a687893b00f3392d
SSDEEP

3072:BXNGWzowlfem3cylNDB+CCCCCCCCLP7ijVLc6h+BTy4x:tUWr7Nl+CCCCCCCCLP2hc6h+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b4f3de156d68f74d441e1a107e391eaf1271d4539966e3bbac710bc1c9910e0.exe

Files

1b4f3de156d68f74d441e1a107e391eaf1271d4539966e3bbac710bc1c9910e0.exe
.exe windows:6 windows x86 arch:x86

5249fce56ab123884e46be2ba25d50e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\FSG\src\fsg\Release\nomask.pdb

Imports

comctl32

CreateToolbarEx

fsglib

fsg_init_rings
fsg_read_frame
fsg_init
fsg_get_physical_layout
fsg_get_version_information
fsg_close
fsg_get_find_ball_state
fsg_start_firing_emitters
fsg_trigger_on_hits
fsg_get_ball_frame
fsg_get_bounce_back_info
fsg_look_for_ball
fsg_do_masks
fsg_stop_looking
fsg_get_ball_info
fsg_get_trigger_frame
fsg_get_last_error

kernel32

GetModuleFileNameA
DecodePointer
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
IsProcessorFeaturePresent
IsDebuggerPresent
Sleep

user32

CheckRadioButton
LoadCursorA
EnableMenuItem
ReleaseDC
InvalidateRect
GetDC
WinHelpA
SendMessageA
CreateDialogParamA
SetCursor
BeginPaint
EndPaint
RegisterClassA
DestroyMenu
UpdateWindow
ShowWindow
DefWindowProcA
MessageBoxA
GetWindowDC
FillRect
DrawTextA
GetMessageA
SetTimer
PostQuitMessage
TranslateMessage
GetMenu
GetDlgItem
EndDialog
DispatchMessageA
SetScrollPos
GetSystemMetrics
EnableWindow
GetDlgItemTextA
SetDlgItemTextA
MoveWindow
LoadIconA
GetScrollRange
BringWindowToTop
CreateWindowExA
DialogBoxParamA

gdi32

MoveToEx
LineTo
DeleteDC
CreateSolidBrush
SetTextColor
CreateFontIndirectA
SetBkColor
SetBkMode
GetTextMetricsA
TextOutA
DeleteObject
SelectObject
Rectangle
CreatePen
GetStockObject
GetPixel

comdlg32

GetOpenFileNameA
GetSaveFileNameA

msvcr110

_controlfp_s
_invoke_watson
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
__crtSetUnhandledExceptionFilter
?terminate@@YAXXZ
_commode
_except_handler4_common
_acmdln
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_ismbblead
_cexit
_exit
__set_app_type
__getmainargs
_amsg_exit
__crtGetShowWindowMode
_XcptFilter
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_stat64i32
exit
_mkdir
_CIatan2
_fmode
freopen
srand
__iob_func
fgets
strncmp
sscanf
fprintf
_time64
_localtime64
printf
sprintf
fclose
fopen
malloc
memset
free

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 377KB - Virtual size: 377KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5249fce56ab123884e46be2ba25d50e5

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

fsglib

kernel32

user32

gdi32

comdlg32

msvcr110

Sections

.text Size: 20KB - Virtual size: 20KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 32KB

.rsrc Size: 377KB - Virtual size: 377KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 20KB - Virtual size: 20KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 32KB

.rsrc
Size: 377KB - Virtual size: 377KB

.reloc
Size: 5KB - Virtual size: 4KB