fe899a5bbd3d42663b0ba918e34b312146b616d74768162e615c8990e8015615

Sharing

Copy URL

Twitter E-mail

General

Target

fe899a5bbd3d42663b0ba918e34b312146b616d74768162e615c8990e8015615
Size

220KB
MD5

da1c396195955ca7e2bbe7b19ce8b001
SHA1

9b5b9ef62b1fb1d772f1636668ade2881515214a
SHA256

fe899a5bbd3d42663b0ba918e34b312146b616d74768162e615c8990e8015615
SHA512

42d400f6fff2961584280d7ccff09cabab65cae80fe2676b73a660ac40fd1acb8dc7b5a68dd4f8f3aa0ca15614add37c52a72224bb6ca164640c40c9787f8dd1
SSDEEP

1536:/TH6xygMonhVBPvo0+PNyAqvlFETnCBgTWlpCDnnm9oTTafp3UTStP/d8w:raxyecyAslbKmB1UetPl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe899a5bbd3d42663b0ba918e34b312146b616d74768162e615c8990e8015615

Files

fe899a5bbd3d42663b0ba918e34b312146b616d74768162e615c8990e8015615
.exe windows:4 windows x86 arch:x86

8d691eed9206c0d1a9a9755517703603

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTempFileNameA
GetTempPathA
DeleteFileA
InterlockedDecrement
GetModuleFileNameA
GetComputerNameA
InterlockedExchange
MultiByteToWideChar
GetLastError
lstrlenA
GetOEMCP
InterlockedIncrement
SetEndOfFile
LoadLibraryA
CopyFileA
FlushFileBuffers
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapCreate
VirtualFree
ExitProcess
Sleep
CloseHandle
SetFilePointer
GetFileType
WideCharToMultiByte
FindResourceExA
FindResourceA
LoadResource
LockResource
CreateFileA
SizeofResource
GetStdHandle
SetHandleCount
ReadFile
GetConsoleMode
GetConsoleCP
WriteFile
GetCurrentThreadId
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetCommandLineA
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
RtlUnwind
VirtualAlloc
GetProcAddress
GetModuleHandleA
IsValidCodePage

user32

SetCursor
EndPaint
UnregisterClassA
DrawTextA
GetClientRect
BeginPaint
DialogBoxParamA
DestroyWindow
DefWindowProcA
PostQuitMessage
SetWindowPos
GetWindowRect
LoadStringA
CreateWindowExA
SetTimer
GetWindowLongA
GetDC
EqualRect
UpdateLayeredWindow
SetWindowLongA
GetCursorPos
SetCapture
EndDialog
MoveWindow
GetWindowDC
ReleaseDC
ReleaseCapture
LoadAcceleratorsA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
PostMessageA
LoadIconA
LoadCursorA
RegisterClassExA

gdi32

CreateDIBSection
SelectObject
GetDeviceCaps
DeleteDC
DeleteObject
CreateCompatibleDC

ole32

OleUninitialize
OleInitialize
OleDraw
OleRun
CoCreateInstance
OleSetContainedObject
OleCreate

oleaut32

VariantClear
VariantChangeType
VariantCopy
VariantInit
SysFreeString
SysStringLen
SysAllocString
GetErrorInfo

pdh

PdhCollectQueryData
PdhAddCounterA
PdhOpenQueryA
PdhCloseQuery
PdhRemoveCounter

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rmnet
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8d691eed9206c0d1a9a9755517703603

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

pdh

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 20KB - Virtual size: 16KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 2KB

.rmnet Size: 96KB - Virtual size: 95KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 20KB - Virtual size: 16KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 2KB

.rmnet
Size: 96KB - Virtual size: 95KB