0daf80a7aa1c5f4f5ced1921445d5478d3295c6dc04fc6f2359aa8add681994e[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

0daf80a7aa1c5f4f5ced1921445d5478d3295c6dc04fc6f2359aa8add681994e.bin
Size

299KB
MD5

19ab964b8376a3156703514a6a25c514
SHA1

d16f02b71a10a7aacb2890eb1fd1798bbc9ae6d0
SHA256

0daf80a7aa1c5f4f5ced1921445d5478d3295c6dc04fc6f2359aa8add681994e
SHA512

abfb35f1bbe5b0f18545ceef3b58fe1b814b5d8f815f2921275090dd7c2ffc24b62e8d76e1f94b711f86dfa91f90088ebe2b567c255f678342d1dbf66ab54300
SSDEEP

6144:J72mxzUsvIGqxK9loLNTohOhwnbwtF7UbJqwJQA:JaPY9loLShWwbwthUFq5

Score

N/A

Malware Config

Signatures

Files

0daf80a7aa1c5f4f5ced1921445d5478d3295c6dc04fc6f2359aa8add681994e.bin
.exe windows x86

9f971d78258087988285d908160f80ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNamedPipeHandleStateW
LocalFree
WriteConsoleInputA
EnumDateFormatsW
CopyFileExW
DnsHostnameToComputerNameW
VerifyVersionInfoA
FindNextFileW
VirtualUnlock
LockFile
GetProfileSectionW
RequestWakeupLatency
GetProcessPriorityBoost
GlobalGetAtomNameW
DeleteFileW
FindNextVolumeMountPointA
TlsSetValue
LoadResource
WriteConsoleInputW
GetConsoleTitleA
GetComputerNameExW
OpenEventW
CallNamedPipeW
GetModuleHandleA
GetSystemDirectoryA
GetDriveTypeA
BuildCommDCBAndTimeoutsW
GetProcAddress
GetShortPathNameA
ZombifyActCtx
DeleteFileA
GetCommandLineW
InterlockedIncrement
GetConsoleTitleW
CopyFileW
CreateActCtxW
FormatMessageA
EnterCriticalSection
FindNextVolumeA
CreateIoCompletionPort
LoadLibraryA
CreateNamedPipeA
GetSystemDefaultLCID
GetConsoleAliasesLengthW
WriteProfileSectionA
AddAtomW
InterlockedDecrement
HeapFree
_hread
InterlockedCompareExchange
GetStartupInfoW
CreateMailslotA
GetCPInfoExA
GetSystemWow64DirectoryW
GetLastError
GetPrivateProfileIntA
GetConsoleAliasExesLengthW
WaitForDebugEvent
EndUpdateResourceW
SetLastError
LoadLibraryW
OpenFileMappingA
GetDefaultCommConfigA
VirtualAlloc
GetACP
lstrcatW
GetConsoleAliasA
GetDiskFreeSpaceExA
DefineDosDeviceA
TerminateProcess
EnumResourceLanguagesW
GetCPInfoExW
SetConsoleTextAttribute
CreateJobSet
WriteConsoleW
SetCriticalSectionSpinCount
GetComputerNameW
EnumSystemLocalesA
WritePrivateProfileSectionW
WritePrivateProfileStructA
GetPrivateProfileSectionNamesW
FileTimeToSystemTime
SetTapeParameters
lstrcmpW
SetEvent
FreeLibrary
FindResourceW
GetCommState
FormatMessageW
CreateFiber
EnumDateFormatsA
GetConsoleFontSize
MoveFileA
LocalAlloc
SetFileShortNameW
lstrcpyA
HeapUnlock
SetCalendarInfoW
SetComputerNameW
GetConsoleAliasesW
EnumDateFormatsExA
GetConsoleOutputCP
LocalSize
SetStdHandle
GetLocalTime
GetStringTypeA
FindActCtxSectionStringA
FreeEnvironmentStringsA
GetModuleHandleExW
GetBinaryTypeA
GetFileAttributesA
GetSystemWindowsDirectoryW
LocalFlags
GetSystemTimeAdjustment
SetProcessShutdownParameters
lstrcpynA
GlobalWire
FillConsoleOutputCharacterA
GetCompressedFileSizeA
GetFullPathNameW
ReadConsoleW
FreeUserPhysicalPages
WriteConsoleOutputCharacterA
OpenJobObjectW
CreateFileW
DeleteTimerQueueTimer
SetCurrentDirectoryW
GetNamedPipeHandleStateA
CreateFileA
CloseHandle
WideCharToMultiByte
RaiseException
HeapValidate
IsBadReadPtr
DeleteCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetOEMCP
GetCPInfo
IsValidCodePage
TlsGetValue
GetModuleHandleW
TlsAlloc
GetCurrentThreadId
TlsFree
SetFilePointer
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
OutputDebugStringW
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
LCMapStringA
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
WriteConsoleA

user32

LoadMenuW
CharUpperW
GetMenuInfo

msimg32

TransparentBlt
AlphaBlend

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sodufoj
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kagayaf
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cij
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f971d78258087988285d908160f80ff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msimg32

Sections

.text Size: 168KB - Virtual size: 167KB

.data Size: 67KB - Virtual size: 97KB

.sodufoj Size: 1024B - Virtual size: 1024B

.kagayaf Size: 1024B - Virtual size: 1024B

.cij Size: 512B - Virtual size: 150B

.rsrc Size: 61KB - Virtual size: 60KB

.text
Size: 168KB - Virtual size: 167KB

.data
Size: 67KB - Virtual size: 97KB

.sodufoj
Size: 1024B - Virtual size: 1024B

.kagayaf
Size: 1024B - Virtual size: 1024B

.cij
Size: 512B - Virtual size: 150B

.rsrc
Size: 61KB - Virtual size: 60KB