fancontrol[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

fancontrol.exe
Size

1.2MB
MD5

69724b58f6c9293acd6eb1ff45421a84
SHA1

9c27c576591a83a1b65c225dc0d530ead8fd17c4
SHA256

dc61fe2457e6af9403ed3a53a881045121f5a42738c0dc51e1e05a9ee7dd4360
SHA512

66d047a697bc282e3f2311d67c9907a46383d8e13e8acc9bc8dc652f82502eb75b092933961f533f30802d85392268b42e5be9320d8cf3c44df315d36d15e81b
SSDEEP

24576:9An+S9yXMxD0Z3kJLyN4w2bDksh5ba4lJud1iH5yLcKa/loiKjkC/njE6Yvi:5cZaKJu5aWFjE6Yvi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fancontrol.exe

Files

fancontrol.exe
.exe windows:6 windows x86 arch:x86

2779b009d8268bb43d4c84c42b8b99b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\treez\Documents\Github\TPFanCtrl2\fancontrol\Debug\fancontrol.pdb

Imports

comctl32

ord17

user32

PostMessageA
MessageBoxA
DrawTextExA
GetDC
DestroyIcon
CreateIconIndirect
RegisterWindowMessageA
GetMessageA
TranslateMessage
DispatchMessageA
RegisterHotKey
SendMessageA
DefWindowProcA
DestroyWindow
ShowWindow
IsWindowVisible
CreateDialogParamA
GetDlgItem
SetDlgItemTextA
SendDlgItemMessageA
GetAsyncKeyState
KillTimer
GetMenuItemInfoA
InsertMenuItemA
DeleteMenu
RemoveMenu
AppendMenuA
GetMenuItemCount
EnableMenuItem
CheckMenuItem
CreateMenu
DrawMenuBar
GetMenuState
GetMenu
SystemParametersInfoA
LoadImageA
LoadIconA
GetClassNameA
FindWindowA
EnumChildWindows
SetParent
GetCursorPos
GetWindowRect
RedrawWindow
SetActiveWindow
SetMenuDefaultItem
TrackPopupMenu
GetMenuItemID
GetSubMenu
LoadMenuA
IsWindow
CreateWindowExA
RegisterClassExA
DrawAnimatedRects
LoadStringA
GetWindowPlacement
GetDlgItemTextA
IsDialogMessageA
SetWindowLongA
GetWindowLongA
GetWindowTextA
SetWindowTextA
SetForegroundWindow
DestroyMenu
EnableWindow
SetTimer

kernel32

DecodePointer
SetEndOfFile
ReadConsoleW
ReadFile
FlushFileBuffers
CreateFileW
HeapQueryInformation
HeapSize
HeapReAlloc
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileAttributesExW
CreateProcessW
GetExitCodeProcess
SetConsoleCtrlHandler
OutputDebugStringW
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCurrentThread
GetSystemInfo
HeapValidate
ExitProcess
WriteConsoleW
GetFileType
SetCurrentDirectoryA
CloseHandle
GetLastError
WaitForSingleObject
CreateMutexA
Sleep
GetModuleFileNameA
GetModuleHandleA
LocalAlloc
LocalFree
FormatMessageA
WriteFile
GetTickCount
lstrcpynA
CreateNamedPipeA
VerifyVersionInfoA
Beep
GetCurrentProcess
CreateThread
SetPriorityClass
GetLocalTime
GetDateFormatA
GetTimeFormatA
GetLocaleInfoA
GetVersion
lstrlenA
ReleaseMutex
WideCharToMultiByte
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ResumeThread
ExitThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
LoadLibraryExW
GetModuleFileNameW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetProcAddress
FreeLibrary
VirtualQuery
GetProcessHeap
MultiByteToWideChar
RaiseException
IsDebuggerPresent
HeapFree
HeapAlloc
GetModuleHandleW
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter

gdi32

CreateCompatibleBitmap
SetBkMode
SelectObject
PatBlt
FillRgn
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreateFontIndirectA
CreateCompatibleDC

advapi32

RegisterServiceCtrlHandlerA
CreateServiceA
DeleteService
StartServiceCtrlDispatcherA
SetServiceStatus
CloseServiceHandle
OpenServiceA
OpenSCManagerA

shell32

ShellExecuteA
SHAppBarMessage
Shell_NotifyIconA

tvicport

ReadPort
SetHardAccess
TestHardAccess
OpenTVicPort
CloseTVicPort
WritePort

Sections

.textbss
Size: - Virtual size: 437KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 950KB - Virtual size: 950KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2779b009d8268bb43d4c84c42b8b99b3

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

gdi32

advapi32

shell32

tvicport

Sections

.textbss Size: - Virtual size: 437KB

.text Size: 950KB - Virtual size: 950KB

.rdata Size: 193KB - Virtual size: 192KB

.data Size: 4KB - Virtual size: 25KB

.idata Size: 7KB - Virtual size: 7KB

.00cfg Size: 512B - Virtual size: 270B

.rsrc Size: 61KB - Virtual size: 60KB

.reloc Size: 33KB - Virtual size: 32KB

.textbss
Size: - Virtual size: 437KB

.text
Size: 950KB - Virtual size: 950KB

.rdata
Size: 193KB - Virtual size: 192KB

.data
Size: 4KB - Virtual size: 25KB

.idata
Size: 7KB - Virtual size: 7KB

.00cfg
Size: 512B - Virtual size: 270B

.rsrc
Size: 61KB - Virtual size: 60KB

.reloc
Size: 33KB - Virtual size: 32KB