bcafa75153d21270bb3c7cc1fa62783217ab7f5673e101fca99f9174724668b4[.]bin

General

Target

bcafa75153d21270bb3c7cc1fa62783217ab7f5673e101fca99f9174724668b4.bin
Size

640KB
MD5

05d8e078a999a4d9f871569fc93966e8
SHA1

0351fa49eefef79b5a82fd73b2203039c61cf9ae
SHA256

bcafa75153d21270bb3c7cc1fa62783217ab7f5673e101fca99f9174724668b4
SHA512

0aadecc7f6508d2347e7e685ef890453f9371b3b42ec7e059fcdb561164eba7da5bb2b286c37376b238bd65c97db231e886580d3bbbb682eb7245e7568985883
SSDEEP

12288:l3aHzZfZfZfZfZfZfZmZ2XsHUKwbNWuTncBxPMRS8SUC9H4jlNEz9vBiptAE43/:8TZfZfZfZfZfZfZmZ2XsHUK8ni0U8SU0

Score

N/A

Malware Config

Signatures

Files

bcafa75153d21270bb3c7cc1fa62783217ab7f5673e101fca99f9174724668b4.bin
.exe windows x86

ed36d6b5bc2364ec85cc07421435bb85

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

nddeapi

NDdeShareAddA
NDdeShareDelA
NDdeShareGetInfoA

kernel32

GetModuleFileNameA
lstrcmpiA
GetDateFormatA
GetModuleHandleW
GetProcAddress
CreateMailslotW
GetLogicalDriveStringsW
ReadConsoleW
WaitForSingleObject
InitializeCriticalSection
LoadLibraryA
GetConsoleAliasA
GetFileAttributesW
DeleteFileW
SearchPathA
GetACP
GetCommandLineA
CreateFileMappingA
SetErrorMode

advapi32

RegEnumKeyA
RegReplaceKeyW
RegUnLoadKeyA
OpenEventLogA
ClearEventLogW
RegLoadKeyA
LogonUserW
RegCreateKeyExW
InitializeAcl
CryptSignHashW
ControlService
RegDeleteValueA
RegOpenKeyA

shell32

FindExecutableW
SHGetFileInfoW
StrStrA
StrChrW
ShellAboutW
ExtractIconW
SHGetFolderPathA
DllRegisterServer
SHCreateShellItem
SHFree

user32

GetClassLongW
LoadBitmapW
CreateDesktopA
wsprintfA
PostMessageA
GetDlgItemTextW
IsDialogMessageA
DispatchMessageW
GetMessageA
LoadMenuA
LoadStringA
LoadIconW
DialogBoxParamA
CharToOemA
DrawStateA
InsertMenuW
GetPropW

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 553KB - Virtual size: 553KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ed36d6b5bc2364ec85cc07421435bb85

Headers

DLL Characteristics

File Characteristics

Imports

nddeapi

kernel32

advapi32

shell32

user32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 10KB - Virtual size: 10KB

.data Size: 30KB - Virtual size: 30KB

.rsrc Size: 553KB - Virtual size: 553KB

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 30KB - Virtual size: 30KB

.rsrc
Size: 553KB - Virtual size: 553KB