0f96f8d79676a13395bd439d0e31f93d6a670d45d817b0ce10f6b1918e703abf

Sharing

Copy URL

Twitter E-mail

General

Target

0f96f8d79676a13395bd439d0e31f93d6a670d45d817b0ce10f6b1918e703abf
Size

410KB
MD5

92997805268682c3500542c6627f391a
SHA1

0a95cd5e7f3bd4632d621e55142f99d48e17966e
SHA256

0f96f8d79676a13395bd439d0e31f93d6a670d45d817b0ce10f6b1918e703abf
SHA512

96a4be41ba12135901dd11fa4d79b8ecd975e9f508dde29b9778b941c1c297dd8f842307957428b62412d8d5034a64f9652f036ac945974d7b1bb1f3d91945bb
SSDEEP

3072:xvAHUCVu/SLibYemI6E3G2kq6JO88jZfIHf3lormuzaY9zxevKtS1ANmkB2A8xKp:eDVuqhI6EHkHJ6jva2x/I6Pb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f96f8d79676a13395bd439d0e31f93d6a670d45d817b0ce10f6b1918e703abf

Files

0f96f8d79676a13395bd439d0e31f93d6a670d45d817b0ce10f6b1918e703abf
.exe windows:6 windows x86 arch:x86

4fabaf1eab81f42611d8c60e4487ddf8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\src\FL2000\trunk\flvga_tray\Release\x86\flvga_tray.pdb

Imports

kernel32

GetCurrentProcess
CreateProcessW
GetCommandLineW
ExitProcess
CreateToolhelp32Snapshot
Process32FirstW
GetCurrentProcessId
Process32NextW
CreateMutexW
GetLastError
LocalFree
CreateThread
CreateEventW
CreateFileW
DeviceIoControl
LocalAlloc
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
WriteConsoleW
DecodePointer
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetFilePointerEx
GetFileSizeEx
Sleep
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
HeapAlloc
HeapFree
LCMapStringW
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
LoadLibraryExW
TlsFree
TlsSetValue
FreeLibrary
GetProcAddress
CloseHandle
TerminateProcess
WaitForSingleObject
GetStringTypeW
OpenProcess
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
SetLastError
QueryPerformanceCounter
RaiseException
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
WideCharToMultiByte
MultiByteToWideChar
UnhandledExceptionFilter

user32

CreateWindowExW
LoadIconW
RegisterClassExW
RegisterWindowMessageW
DestroyWindow
RegisterDeviceNotificationW
EndDialog
UnregisterDeviceNotification
PostQuitMessage
EndPaint
BeginPaint
DialogBoxParamW
UpdateWindow
ShowWindow
LoadCursorW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
GetWindowThreadProcessId
EnumWindows
DefWindowProcW
GetMenuItemID
PostMessageW
TrackPopupMenu
SetForegroundWindow
GetCursorPos
SetMenuDefaultItem
DestroyMenu
GetSubMenu
LoadMenuW
LoadStringW
KillTimer

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

shell32

CommandLineToArgvW
Shell_NotifyIconW

ole32

StringFromCLSID
CoTaskMemFree

oleaut32

VariantClear

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
CM_Reenumerate_DevNode
CM_Locate_DevNodeW
SetupDiRemoveDevice
SetupDiGetDeviceRegistryPropertyW
CM_Get_Parent
CM_Get_Device_IDW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoList

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 267KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4fabaf1eab81f42611d8c60e4487ddf8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

setupapi

Sections

.text Size: 91KB - Virtual size: 91KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 267KB - Virtual size: 266KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 91KB - Virtual size: 91KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 267KB - Virtual size: 266KB

.reloc
Size: 5KB - Virtual size: 4KB