fc8489890b469b3b3698f0453f93e8bc0ece34107c6a2ce55f4c9704af1c52d5[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

fc8489890b469b3b3698f0453f93e8bc0ece34107c6a2ce55f4c9704af1c52d5.exe
Size

208KB
MD5

ee8aa4f5d9c60903c2c9f2f68d390d64
SHA1

5d00da5d3a10631d1763241a474fb1f0612cb2b2
SHA256

fc8489890b469b3b3698f0453f93e8bc0ece34107c6a2ce55f4c9704af1c52d5
SHA512

7bdab0c0106b324fe8ddbb2402fd944d4a811fa61530f4dcdb51c9090bb5d3b6c7bbe312f2cb4ad0a91db538f17989cb4fbec44f0c1f76cc50bab94f2d443a1b
SSDEEP

6144:+6ZwzttVIx4DEsbMH1x5PFfXlKtxfeTY5yBsfKr:IGx4Drbm1fPJAtxm3myr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc8489890b469b3b3698f0453f93e8bc0ece34107c6a2ce55f4c9704af1c52d5.exe

Files

fc8489890b469b3b3698f0453f93e8bc0ece34107c6a2ce55f4c9704af1c52d5.exe
.exe windows:4 windows x86 arch:x86

864f221e7daa228a85902999a0b19592

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

imagehlp

ImageRvaToVa
ImageNtHeader
ImageGetDigestStream
ImageDirectoryEntryToData

msvfw32

ICInfo

shell32

CommandLineToArgvW

kernel32

GetLastError
HeapReAlloc
QueryPerformanceCounter
RemoveDirectoryA
MapViewOfFile
ExitProcess
GetACP
lstrlenA
LoadResource
WideCharToMultiByte
CloseHandle
MultiByteToWideChar
UpdateResourceW
CreateFiberEx
FindClose
HeapSize
SizeofResource
lstrcmpiA
DeleteFileW
EnumResourceLanguagesW
InterlockedDecrement
RaiseException
LoadLibraryExA
GlobalAlloc
CreateDirectoryA
GetSystemTimeAsFileTime
GetFileAttributesW
DeleteCriticalSection
EscapeCommFunction
GetFileAttributesA
GetLocaleInfoA
GlobalLock
GetCurrentThreadId
InterlockedIncrement
EnumResourceTypesW
SetLastError
_lwrite
HeapDestroy
FindFirstFileA
GetFileSize
CopyFileW
GetCurrentProcessId
TerminateProcess
InterlockedExchange
FindNextFileW
GetStringTypeExW
GetSystemDirectoryA
EnumResourceNamesW
OutputDebugStringA
lstrlenW
_lclose
LoadLibraryExW
GetCurrentProcess
GetEnvironmentVariableA
_llseek
SetUnhandledExceptionFilter
SetEndOfFile
EnterCriticalSection
FindFirstFileW
FormatMessageW
GetProcessHeap
EnumResourceNamesA
FreeLibrary
FindResourceExW
LockResource
GetProcAddress
CopyFileA
GetFileInformationByHandle
GetTempFileNameW
RemoveDirectoryW
HeapFree
GlobalFree
SetFileAttributesW
GetVersionExW
HeapAlloc
InterlockedCompareExchange
AreFileApisANSI
FindResourceW
Sleep
GetModuleHandleW
CreateFileMappingA
InitializeCriticalSection
GetTickCount
FatalExit
DebugBreak
FindNextFileA
GetOEMCP
GetFullPathNameW
BeginUpdateResourceW
GlobalUnlock
GetThreadLocale
LeaveCriticalSection
GetTempPathW
CreateDirectoryW
CreateFileW
_lread
GetCommandLineW
GetVersionExA
EndUpdateResourceW
GetFullPathNameA
SetFileAttributesA
GetCurrentDirectoryW
DeleteFileA
SetFilePointer
WriteFile
UnhandledExceptionFilter
CreateFileA
IsDebuggerPresent
ReadFile
UnmapViewOfFile
LoadLibraryA
GetVersion
FreeResource
LocalFree
MoveFileW
lstrcpyA

advapi32

CryptHashData
CryptCreateHash
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash

user32

MonitorFromWindow
CharNextA
wsprintfW
CharNextW

psapi

GetProcessMemoryInfo

Sections

.text
Size: 184KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

864f221e7daa228a85902999a0b19592

Headers

File Characteristics

Imports

imagehlp

msvfw32

shell32

kernel32

advapi32

user32

psapi

Sections

.text Size: 184KB - Virtual size: 183KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 19KB - Virtual size: 18KB

.lib Size: 512B - Virtual size: 96KB

.text
Size: 184KB - Virtual size: 183KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 19KB - Virtual size: 18KB

.lib
Size: 512B - Virtual size: 96KB