6531f89508695c4a6646749c34b0453f66a4c033486bb66f1ffb60086692aee5[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

6531f89508695c4a6646749c34b0453f66a4c033486bb66f1ffb60086692aee5.bin
Size

268KB
MD5

5e12683c77315d77d3470fe5360bc988
SHA1

f76ae6ee508cf22f52b8533d704667a1893860d9
SHA256

6531f89508695c4a6646749c34b0453f66a4c033486bb66f1ffb60086692aee5
SHA512

cb80ae733443115e4cf9651cd4c223692d9d9d6fe169b14be30335fcd44c69a48623a10ed8020fc48c40cc4c981777e7d6f0d8765bfc7e870f59db00ce6ec069
SSDEEP

6144:iLlO0KmVtk9IOY2syHNJw67M7tw0pEfRcY411bXpWLxwJ5Movfb4SPDL4VkZeJyO:YVXJBkMWM7xYi11lmxwJ5Mqb4XGZeJy

Score

N/A

Malware Config

Signatures

Files

6531f89508695c4a6646749c34b0453f66a4c033486bb66f1ffb60086692aee5.bin
.exe windows x86

95d0c1a5f7a3484ee8910d495cbad600

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
FindClose
GetVolumeInformationA
GetModuleHandleA
CopyFileA
CreateFileA
FileTimeToSystemTime
GetSystemDirectoryA
DeleteFileA
GlobalAlloc
GlobalFree
CloseHandle
FileTimeToLocalFileTime
GetLocalTime
GetStartupInfoA
CreateJobObjectA
CreateProcessA
GetDiskFreeSpaceExA
GetComputerNameA
GetFileSizeEx
GetCurrentThreadId
GetVersionExA
GetNativeSystemInfo
SetErrorMode
CreateFileW
DecodePointer
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleCP
CreatePipe
FindNextFileA
GetDriveTypeA
TerminateProcess
AssignProcessToJobObject
WriteFile
FindFirstFileA
MoveFileA
SetInformationJobObject
ReadFile
GetLastError
FlushFileBuffers
GetStringTypeW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
SetFilePointerEx
GetFileAttributesExW
WriteConsoleW
Sleep
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
DuplicateHandle
WaitForSingleObjectEx
GetCurrentProcess
SwitchToThread
GetCurrentThread
QueryPerformanceCounter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetModuleHandleW
GetProcAddress
WideCharToMultiByte
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
CreateTimerQueue
SetEvent
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
EncodePointer
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleFileNameW
LoadLibraryExW
GetVersionExW
VirtualAlloc
VirtualProtect
VirtualFree
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
LoadLibraryW
RtlUnwind
RaiseException
ExitProcess
GetModuleHandleExW
ExitThread
GetStdHandle
HeapFree
HeapAlloc
GetFileType
MultiByteToWideChar
LCMapStringW

advapi32

CryptDecrypt
CryptDestroyHash
GetUserNameA
CryptDestroyKey
CryptAcquireContextA
CryptEncrypt
CryptReleaseContext
CryptCreateHash
CryptDeriveKey
CryptHashData

shell32

SHGetFolderPathA

ws2_32

ntohl
htons
WSAWaitForMultipleEvents
closesocket
WSAStartup
recvfrom
ntohs
socket
WSAEventSelect
inet_addr
sendto
WSACreateEvent
WSAEnumNetworkEvents

shlwapi

PathFileExistsA

iphlpapi

GetNetworkParams

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95d0c1a5f7a3484ee8910d495cbad600

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

ws2_32

shlwapi

iphlpapi

Sections

.text Size: 192KB - Virtual size: 191KB

.rdata Size: 53KB - Virtual size: 53KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 12KB - Virtual size: 12KB

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 53KB - Virtual size: 53KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 12KB - Virtual size: 12KB