f303e4551fa0c021a61073e7a401c9ba2f621a9f0a02e7bc8d5522bd2e5aa345[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

f303e4551fa0c021a61073e7a401c9ba2f621a9f0a02e7bc8d5522bd2e5aa345.exe
Size

312KB
MD5

bf48630d7ba4088905ca483f2dbc9382
SHA1

af93f4609326a6630a19808775ae0b879d2131d5
SHA256

f303e4551fa0c021a61073e7a401c9ba2f621a9f0a02e7bc8d5522bd2e5aa345
SHA512

d24f4e7896ce33e799661b3110757d55beb36adb1a54b1f0a686718750a64f9b67bca2cf9b9c95833c2a849658168be9da2deee3341a16ac69d126c0f95f749a
SSDEEP

3072:x330ltWCmu9GeOyKM4ipNF87xLEoijgExxC51eWvvidBbj0rX+qMQm0GCHG:x0ltWSGedMxQoij9ng1NvidaXrmJt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f303e4551fa0c021a61073e7a401c9ba2f621a9f0a02e7bc8d5522bd2e5aa345.exe

Files

f303e4551fa0c021a61073e7a401c9ba2f621a9f0a02e7bc8d5522bd2e5aa345.exe
.exe windows:5 windows x86 arch:x86

4c26c44b7c0e3746418b0f1286e9d8f4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\wkimberl\documents\visual studio 2013\Projects\fh_loader\Release\fh_loader.pdb

Imports

kernel32

CreateFileA
GetTickCount
WriteFile
SetCommTimeouts
Sleep
ReadFile
CloseHandle
DuplicateHandle
GetCurrentProcess
CreateProcessA
EnterCriticalSection
LeaveCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
GetDriveTypeW
GetFullPathNameA
GetLastError
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
GetCurrentThreadId
HeapFree
WaitForSingleObject
GetExitCodeProcess
CreatePipe
DeleteCriticalSection
GetStdHandle
GetFileType
GetStartupInfoW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
RtlUnwind
ReadConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetFilePointerEx
GetCurrentDirectoryW
GetTimeZoneInformation
GetModuleFileNameW
LoadLibraryExW
FindClose
FindFirstFileExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetProcessHeap
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
CompareStringW
LCMapStringW
GetFileAttributesExW
SetStdHandle
HeapAlloc
HeapReAlloc
WriteConsoleW
OutputDebugStringW
HeapSize
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
GetFullPathNameW
CreateFileW
SetEnvironmentVariableA
SetEndOfFile
CreateDirectoryW
RaiseException

Sections

.text
Size: 153KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 77.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

`3ؗ�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4c26c44b7c0e3746418b0f1286e9d8f4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 153KB - Virtual size: 152KB

.rdata Size: 54KB - Virtual size: 54KB

.data Size: 71KB - Virtual size: 77.0MB

.rsrc Size: 1024B - Virtual size: 648B

.reloc Size: 14KB - Virtual size: 14KB

`3ؗ�u� Size: 16KB - Virtual size: 20KB

.text
Size: 153KB - Virtual size: 152KB

.rdata
Size: 54KB - Virtual size: 54KB

.data
Size: 71KB - Virtual size: 77.0MB

.rsrc
Size: 1024B - Virtual size: 648B

.reloc
Size: 14KB - Virtual size: 14KB

`3ؗ�u�
Size: 16KB - Virtual size: 20KB