fccc86ae3430b5816c891e8b8425bd49fc8f0e9d7fa523199b67d9c279d2e4dd | Triage

Sharing

General

Target

fccc86ae3430b5816c891e8b8425bd49fc8f0e9d7fa523199b67d9c279d2e4dd
Size

170KB
MD5

d5624689ee615f9503b4d85f151044a7
SHA1

de0fd513a529c8f5f736ab4b82c7b18e7bdb1df9
SHA256

fccc86ae3430b5816c891e8b8425bd49fc8f0e9d7fa523199b67d9c279d2e4dd
SHA512

203c1caa587760ce8fca0c89c16d3291fc85bd9a8452ebc7a01c591223236d5a54b7ceaf4f0243c90a88ff2f0f6f2d42c15cf2771e335a8b6978503255394edb
SSDEEP

3072:YBj3OovdbTMucfSTk5trgIOtComxDBqdpD:YBDP2uRTEXOtZmaX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fccc86ae3430b5816c891e8b8425bd49fc8f0e9d7fa523199b67d9c279d2e4dd

Files

fccc86ae3430b5816c891e8b8425bd49fc8f0e9d7fa523199b67d9c279d2e4dd
.exe windows:4 windows x86 arch:x86

2fe377595b047404e512498b11907525

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoInitializeSecurity
CoQueryProxyBlanket
CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeEx
CoTaskMemFree
StringFromGUID2

rpcrt4

UuidCreate

kernel32

GetCalendarInfoW
GetStartupInfoA
ReadFile
DeleteCriticalSection
InitializeCriticalSection
GetOEMCP
SetEndOfFile
GetCPInfo
VirtualAlloc
SetFilePointer
GetACP
HeapReAlloc
EnumResourceNamesA
RtlUnwind
HeapCreate
RaiseException
FreeEnvironmentStringsA
VirtualFree
HeapDestroy
LeaveCriticalSection
HeapSize
IsValidCodePage
ExitProcess
EnterCriticalSection
SetEnvironmentVariableA

user32

SendMessageA
GetDlgItem
CreateWindowExW
EnumChildWindows
IsWindow
DestroyWindow
GetWindowThreadProcessId

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ