e24b8c60be9930df7e23de7ce251c851d37a6836bdbbc07fa8a49633e6b97be6

Sharing

Copy URL Twitter E-mail

General

Target

e24b8c60be9930df7e23de7ce251c851d37a6836bdbbc07fa8a49633e6b97be6
Size

1.2MB
MD5

62d920d8bee74dcacfd98013ad9c2f20
SHA1

ea96026e316a4022e1dcf9a75b25b5cf7aca2a0f
SHA256

e24b8c60be9930df7e23de7ce251c851d37a6836bdbbc07fa8a49633e6b97be6
SHA512

a32659101b5f412f4ecac68a1ff55e616aaf38a1b1655fd37e07ad9e130e8046c0c467a70a6d5e2ffc1bf0ee461502478c67c566af27a174367e39b396618bfe
SSDEEP

24576:8GtlqzH2ev0FfWbFH95pL9wtJigAGEpNaZr1X:8Gtlqzt3H95pZwTXA/pgZR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e24b8c60be9930df7e23de7ce251c851d37a6836bdbbc07fa8a49633e6b97be6

Files

e24b8c60be9930df7e23de7ce251c851d37a6836bdbbc07fa8a49633e6b97be6
.exe windows:6 windows x64 arch:x64

5adb3dd771f3106c28a07d31ecb32413

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\FastCopy\x64\Obj\Release\FastCopy.pdb

Imports

kernel32

CreateDirectoryW
GetFullPathNameW
GetFileAttributesW
GetUserDefaultLCID
DeleteFileW
MoveFileExW
CopyFileW
MoveFileW
ReadFile
GetVolumeInformationW
CancelIo
TlsSetValue
SetLastError
EnterCriticalSection
FindNextFileW
WriteFile
GetDiskFreeSpaceW
SetFileTime
SetThreadPriority
LeaveCriticalSection
InitializeCriticalSection
FindClose
WaitForSingleObject
CreateFileW
GetCurrentThreadId
SuspendThread
ResumeThread
SetFileAttributesW
Sleep
GetFileInformationByHandle
FormatMessageW
LocalFileTimeToFileTime
GetLastError
FileTimeToSystemTime
GetCurrentThread
TerminateThread
TlsAlloc
CloseHandle
GetLocalTime
GetOverlappedResult
DeleteCriticalSection
SystemTimeToFileTime
TlsGetValue
SystemTimeToTzSpecificLocalTime
TlsFree
CreateEventA
GetTickCount
GetDriveTypeW
SetFilePointer
SetEndOfFile
FlushFileBuffers
GetFileSizeEx
BackupRead
BackupSeek
GetFileTime
BackupWrite
CreateHardLinkW
SetFileValidData
FindFirstFileW
CreateMutexA
ReleaseMutex
GetFileSize
GetSystemTimeAsFileTime
SetDllDirectoryW
SetPriorityClass
GetCommandLineW
SetSystemPowerState
GetCurrentProcess
GetThreadLocale
CreatePipe
DuplicateHandle
GetModuleHandleA
OpenProcess
ProcessIdToSessionId
TzSpecificLocalTimeToSystemTime
GetCurrentProcessId
SetThreadExecutionState
GetSystemTime
GetLongPathNameW
GetFileAttributesExW
CreateProcessW
GetStdHandle
SetConsoleMode
GetConsoleMode
WriteConsoleW
GetTempPathW
GetCurrentDirectoryW
SetCurrentDirectoryW
GetProcAddress
FreeLibrary
UnmapViewOfFile
OpenMutexA
CreateFileMappingA
MapViewOfFile
DeviceIoControl
RemoveDirectoryW
FindFirstChangeNotificationW
GetVolumeNameForVolumeMountPointW
FindCloseChangeNotification
FindNextChangeNotification
GetEnvironmentVariableW
HeapSize
GetConsoleOutputCP
SetFilePointerEx
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetCommandLineA
GetOEMCP
VirtualFree
VirtualAlloc
GetModuleFileNameW
SetEvent
GetVersionExA
GetModuleHandleW
GetEnvironmentStringsW
WriteConsoleA
OutputDebugStringA
AttachConsole
OutputDebugStringW
FreeConsole
GetFileType
AllocConsole
SetThreadLocale
FindFirstFileExW
GetSystemDirectoryW
GetExitCodeThread
GlobalAlloc
GlobalFree
LoadLibraryW
GlobalLock
MultiByteToWideChar
WideCharToMultiByte
CreateMutexW
ExitProcess
GetModuleFileNameA
RtlCaptureStackBackTrace
GetModuleHandleExA
RaiseException
K32GetModuleInformation
CreateThread
IsBadReadPtr
SetUnhandledExceptionFilter
SizeofResource
FindResourceA
LockResource
LoadResource
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
LCMapStringEx
InitializeCriticalSectionEx
EncodePointer
DecodePointer
CompareStringEx
GetCPInfo
GetStringTypeW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
HeapAlloc
HeapReAlloc
HeapFree
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
IsValidCodePage
GetACP

oleaut32

SafeArrayGetUBound
SafeArrayGetElement
SafeArrayGetLBound
VariantInit
SysAllocString
SafeArrayPutElement
SafeArrayCreateVector
VariantClear
SysFreeString

Sections

.text
Size: 736KB - Virtual size: 735KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fptable
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5adb3dd771f3106c28a07d31ecb32413

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

oleaut32

Sections

.text Size: 736KB - Virtual size: 735KB

.rdata Size: 243KB - Virtual size: 242KB

.data Size: 21KB - Virtual size: 119KB

.pdata Size: 32KB - Virtual size: 31KB

.fptable Size: 512B - Virtual size: 256B

.rsrc Size: 140KB - Virtual size: 140KB

.reloc Size: 11KB - Virtual size: 10KB

.text
Size: 736KB - Virtual size: 735KB

.rdata
Size: 243KB - Virtual size: 242KB

.data
Size: 21KB - Virtual size: 119KB

.pdata
Size: 32KB - Virtual size: 31KB

.fptable
Size: 512B - Virtual size: 256B

.rsrc
Size: 140KB - Virtual size: 140KB

.reloc
Size: 11KB - Virtual size: 10KB