e2f869dbda506dd55ce32e94bd2fbc33a7952ccbcfce0c53ec0b2213e9956c0e[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

e2f869dbda506dd55ce32e94bd2fbc33a7952ccbcfce0c53ec0b2213e9956c0e.bin
Size

299KB
MD5

a48e6cd92c2fab06ec310f64fce494a8
SHA1

afda215f0b1bab516ad621ddd7ccaebef5309b0d
SHA256

e2f869dbda506dd55ce32e94bd2fbc33a7952ccbcfce0c53ec0b2213e9956c0e
SHA512

266f2b7e100df16ecd2f788c2f9c630504784e5e494eda83255b7801f9ed4b641dc381ccd1fa5ae7b49672731e147ee4c844ac2e52890d792185490a2b3f1c31
SSDEEP

6144:qj8HssADt3hQWG2I7AZw2wMnE5XiWTs3MLFgk:qt9tRyr7AZw2ZMiJ3MP

Score

N/A

Malware Config

Signatures

Files

e2f869dbda506dd55ce32e94bd2fbc33a7952ccbcfce0c53ec0b2213e9956c0e.bin
.exe windows x86

504d97a665c5990d2e90f1479886157c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNamedPipeHandleStateW
LocalFree
WriteConsoleInputA
EnumDateFormatsW
CopyFileExW
DnsHostnameToComputerNameW
VerifyVersionInfoA
FindNextFileW
VirtualUnlock
LockFile
GetProfileSectionW
RequestWakeupLatency
SetProcessPriorityBoost
GlobalGetAtomNameW
DeleteFileW
FindNextVolumeMountPointA
TlsSetValue
LoadResource
WriteConsoleInputW
GetConsoleTitleA
GetComputerNameExW
OpenEventW
CallNamedPipeW
GetModuleHandleA
GetSystemDirectoryA
GetDriveTypeA
BuildCommDCBAndTimeoutsW
GetProcAddress
GetShortPathNameA
ZombifyActCtx
DeleteFileA
GetCommandLineW
InterlockedIncrement
GetConsoleTitleW
CopyFileW
CreateActCtxW
FormatMessageA
EnterCriticalSection
FindNextVolumeA
CreateIoCompletionPort
LoadLibraryA
CreateNamedPipeA
GetSystemDefaultLCID
GetConsoleAliasesLengthW
WriteProfileSectionA
AddAtomW
InterlockedDecrement
HeapFree
_hread
InterlockedCompareExchange
GetStartupInfoW
CreateMailslotA
GetCPInfoExA
GetSystemWow64DirectoryW
GetLastError
GetPrivateProfileIntA
GetConsoleAliasExesLengthW
WaitForDebugEvent
EndUpdateResourceA
SetLastError
LoadLibraryW
ExitThread
GetACP
lstrcatW
GetConsoleAliasA
GetDiskFreeSpaceExA
DefineDosDeviceA
TerminateProcess
EnumResourceLanguagesW
GetCPInfoExW
SetConsoleTextAttribute
CreateJobSet
WriteConsoleW
SetCriticalSectionSpinCount
GetComputerNameW
EnumSystemLocalesA
WritePrivateProfileSectionA
WritePrivateProfileStructA
GetPrivateProfileSectionNamesW
FileTimeToSystemTime
SetTapeParameters
lstrcmpW
SetEvent
FreeLibrary
FindResourceW
SetCommState
FormatMessageW
CreateFiber
EnumDateFormatsA
GetConsoleFontSize
MoveFileA
LocalAlloc
SetFileShortNameW
lstrcpyA
HeapUnlock
SetCalendarInfoW
SetComputerNameW
GetConsoleAliasesW
EnumDateFormatsExA
GetConsoleOutputCP
LocalSize
SetStdHandle
GetLocalTime
GetStringTypeA
FindActCtxSectionStringA
FreeEnvironmentStringsA
GetModuleHandleExW
GetBinaryTypeA
GetFileAttributesA
GetSystemWindowsDirectoryW
LocalFlags
GetSystemTimeAdjustment
SetProcessShutdownParameters
lstrcpynA
GlobalWire
FillConsoleOutputCharacterA
GetCompressedFileSizeA
GetFullPathNameW
ReadConsoleW
FreeUserPhysicalPages
WriteConsoleOutputCharacterA
OpenJobObjectW
CreateFileW
DeleteTimerQueueTimer
SetCurrentDirectoryW
GetNamedPipeHandleStateA
CreateFileA
WideCharToMultiByte
RaiseException
HeapValidate
IsBadReadPtr
DeleteCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
GetOEMCP
GetCPInfo
IsValidCodePage
TlsGetValue
GetModuleHandleW
TlsAlloc
GetCurrentThreadId
TlsFree
SetFilePointer
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
ExitProcess
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
WriteFile
HeapAlloc
HeapSize
HeapReAlloc
VirtualAlloc
InitializeCriticalSectionAndSpinCount
DebugBreak
OutputDebugStringA
OutputDebugStringW
MultiByteToWideChar
GetStringTypeW
GetLocaleInfoA
LCMapStringA
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
WriteConsoleA
CloseHandle

user32

LoadMenuW
CharUpperW
GetMenuInfo

msimg32

AlphaBlend

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.laro
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.noda
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lumowa
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

504d97a665c5990d2e90f1479886157c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

msimg32

Sections

.text Size: 168KB - Virtual size: 167KB

.data Size: 67KB - Virtual size: 97KB

.laro Size: 1024B - Virtual size: 1024B

.noda Size: 1024B - Virtual size: 1024B

.lumowa Size: 512B - Virtual size: 150B

.rsrc Size: 61KB - Virtual size: 60KB

.text
Size: 168KB - Virtual size: 167KB

.data
Size: 67KB - Virtual size: 97KB

.laro
Size: 1024B - Virtual size: 1024B

.noda
Size: 1024B - Virtual size: 1024B

.lumowa
Size: 512B - Virtual size: 150B

.rsrc
Size: 61KB - Virtual size: 60KB