08794407fae8551dcb26e97c86554830N[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

08794407fae8551dcb26e97c86554830N.exe
Size

1.7MB
MD5

08794407fae8551dcb26e97c86554830
SHA1

b7cba169d6788aa6e4fe24a9e0ed5ab0c8f92416
SHA256

0a20450cfc94438ade27a687cc26368d2267885ef79c72ceb6870b8266bf0b40
SHA512

a7af21f392cb73d2ba2ff8b35c39d2a314a6ef5e91f71311acc2295b04042213b4408f5fae047169eadc368f9e2e9d947760ea772c2662380e986f21263bbbbf
SSDEEP

24576:wqD62cUAhnPG1iroNKm8p467oaStZ81IFE8jkzs36Sa0yb5TZAYh:BZUhqirKz8p49T81QkzsKSnyb5TZAYh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
08794407fae8551dcb26e97c86554830N.exe

Files

08794407fae8551dcb26e97c86554830N.exe
.exe windows:4 windows x86 arch:x86

93f1d9f0bdc776aac443e75773400caf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\data\dev\sprout\Release\FeedingFrenzyTwo\Mainline\FeedingFrenzyTwo\FeedingFrenzyTwo-saf-instrument.pdb

Imports

kernel32

GetSystemInfo
QueryPerformanceFrequency
OutputDebugStringA
FormatMessageA
GetUserDefaultLangID
CreateMutexA
SetThreadPriority
SetErrorMode
LocalFree
VirtualQuery
IsBadWritePtr
MulDiv
CreateFileA
CloseHandle
WriteFile
ReadFile
GlobalSize
GlobalLock
GlobalUnlock
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
LoadLibraryA
GetProcAddress
FreeLibrary
CompareStringA
GetLocaleInfoA
GetNumberFormatA
GetTimeFormatA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoA
GetModuleHandleA
ExitProcess
GetLastError
ResumeThread
GetSystemTime
HeapReAlloc
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
RaiseException
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
GetModuleFileNameA
HeapSize
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
DeleteCriticalSection
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
VirtualAlloc
LCMapStringA
LCMapStringW
LoadLibraryW
GetDateFormatA
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetTimeZoneInformation
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
CompareStringW
SetEnvironmentVariableA
lstrlenA
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
FindClose
SetEndOfFile
CreateThread
Sleep

user32

ShowWindow
GetWindowRect
MoveWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
DefWindowProcA
GetClientRect
GetAsyncKeyState
SetFocus
OpenClipboard
GetClipboardData
CloseClipboard
CharLowerA
AdjustWindowRect
RegisterClassA
LoadIconA
LoadCursorA
DestroyWindow
SetTimer
GetDC
GetDesktopWindow
MessageBoxA
SetWindowLongA
SetWindowPos
SetMenu
IsClipboardFormatAvailable
GetSystemMetrics
EnumDisplaySettingsA
IsWindowEnabled
OpenIcon
CloseWindow
IsWindowVisible
SetCursorPos
CreateWindowExA
GetCursorPos
ClipCursor
ClientToScreen
ShowCursor
GetParent
UpdateWindow
ReleaseCapture
SetCapture
SetForegroundWindow
ScreenToClient
KillTimer
IsIconic
PostQuitMessage
LoadStringA
PeekMessageA
GetForegroundWindow
PostMessageA
RegisterWindowMessageA
ReleaseDC

shell32

ShellExecuteA

dsound

ord1

winmm

mixerGetControlDetailsA
mixerClose
mixerSetControlDetails
mixerGetLineControlsA
timeBeginPeriod
mixerGetLineInfoA
mixerOpen
mixerGetDevCapsA
timeEndPeriod

gdi32

CreateFontA
BitBlt
DeleteObject

advapi32

RegEnumValueA
RegSetValueExA
RegDeleteKeyA
RegEnumKeyExA
RegCreateKeyExA
RegCloseKey
RegQueryValueExA

shlwapi

PathIsRelativeA

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

93f1d9f0bdc776aac443e75773400caf

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

dsound

winmm

gdi32

advapi32

shlwapi

wininet

version

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 300KB - Virtual size: 300KB

.data Size: 100KB - Virtual size: 119KB

.rsrc Size: 36KB - Virtual size: 60KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 300KB - Virtual size: 300KB

.data
Size: 100KB - Virtual size: 119KB

.rsrc
Size: 36KB - Virtual size: 60KB