99cda248f1f2a46b186269f44bec3513e4cefacf849664e7e91dddf57de2f635[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

99cda248f1f2a46b186269f44bec3513e4cefacf849664e7e91dddf57de2f635.bin
Size

400KB
MD5

1eb2120ba2845f18c510d80125a5ffc4
SHA1

54fb98cd876aad5178f6708220ecbb112f838577
SHA256

99cda248f1f2a46b186269f44bec3513e4cefacf849664e7e91dddf57de2f635
SHA512

ca6182cf1520012997dd7405b183dfcc7a511e983df5175877ecfd8ad4baf9baedfea1547bdacce59562d6538b56cb18b9f5633e379a054f5fe47040014e8ee2
SSDEEP

12288:CHJfYhK0bUticPtFZboqWIN+hKyDvp7fcMFEWB6cF8zU:CJWu+pFEsbF2U

Score

N/A

Malware Config

Signatures

Files

99cda248f1f2a46b186269f44bec3513e4cefacf849664e7e91dddf57de2f635.bin
.exe windows x86

d47e7613185268ac6deec2ce8f67e2c3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CreateProcessW
FindFirstFileW
WriteProcessMemory
VirtualProtect
FindNextFileW
GetCurrentProcess
VirtualAlloc
GetSystemDirectoryW
ResumeThread
GetLastError
LoadLibraryA
VirtualProtectEx
GetThreadContext
VirtualAllocEx
ReadProcessMemory
SetThreadContext
CreateThread
FreeLibrary
GetNativeSystemInfo
GetComputerNameW
GlobalMemoryStatusEx
GetModuleHandleW
WriteFile
GetTempPathW
GetVolumeInformationA
CreateFileW
GetFileAttributesW
OpenProcess
SetFileAttributesW
CreateToolhelp32Snapshot
MultiByteToWideChar
Process32NextW
Process32FirstW
LoadLibraryW
GetLocalTime
CopyFileW
WideCharToMultiByte
QueryFullProcessImageNameW
IsWow64Process
ReadFile
GetFileSizeEx
VirtualFree
SetErrorMode
GetCurrentThread
GetCurrentProcessId
SetThreadExecutionState
GetTickCount64
DeleteFileW
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
GetModuleHandleA
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapSize
SetFilePointerEx
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
TerminateProcess
CloseHandle
Sleep
ReleaseMutex
WaitForSingleObject
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
FindClose
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
GetFileType
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
GetStdHandle
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
RaiseException
RtlUnwind
SetUnhandledExceptionFilter
CreateMutexW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LocalFree
LCMapStringEx
GetStringTypeW
IsProcessorFeaturePresent

user32

DefWindowProcW
DispatchMessageW
GetLastInputInfo
GetWindowTextW
ShutdownBlockReasonCreate
CreateWindowExA
GetMessageW
RegisterDeviceNotificationW
ShutdownBlockReasonDestroy
UnregisterDeviceNotification
RegisterClassExA
GetWindowTextLengthW
GetForegroundWindow
TranslateMessage

advapi32

GetUserNameW
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation

shell32

ShellExecuteW
SHGetKnownFolderPath

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoTaskMemFree
CoUninitialize

oleaut32

VariantClear
SysFreeString
SysAllocString

wininet

InternetCloseHandle
InternetOpenW
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
DeleteUrlCacheEntryA
InternetSetOptionA

ws2_32

WSAGetLastError
setsockopt
ioctlsocket
freeaddrinfo
recv
connect
socket
send
getaddrinfo
select
closesocket
__WSAFDIsSet
WSAStartup
WSACleanup

ntdll

NtUnmapViewOfSection

avicap32

capGetDriverDescriptionW

Sections

.text
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d47e7613185268ac6deec2ce8f67e2c3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

ws2_32

ntdll

avicap32

Sections

.text Size: 298KB - Virtual size: 298KB

.rdata Size: 82KB - Virtual size: 81KB

.data Size: 4KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 298KB - Virtual size: 298KB

.rdata
Size: 82KB - Virtual size: 81KB

.data
Size: 4KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 13KB - Virtual size: 13KB