284412e3a44ae2d827b641a5f5b705fde832ff6b415502e992ec3cce46b6f210[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

284412e3a44ae2d827b641a5f5b705fde832ff6b415502e992ec3cce46b6f210.bin
Size

348KB
MD5

f3433a1bf70f9c01a1bb06af97a7e0d0
SHA1

9cc964246c0e242760083616392cd429a58d3ebc
SHA256

284412e3a44ae2d827b641a5f5b705fde832ff6b415502e992ec3cce46b6f210
SHA512

46f03c556e52a651da9af71d83839c6e1477d2f02203ed165daf4a445a131b4bcada8df11a40d1e70cb660475d0b711dbd6a2259f2dab451e2aa78e9a78978af
SSDEEP

6144:LykmyWDx0vx8jH9gQKfSqdLUFE4qlPW+sMjdWWfK+nl:LyRDaxQdgDfSSXVlPnTbl

Score

1^/10

Malware Config

Signatures

Files

284412e3a44ae2d827b641a5f5b705fde832ff6b415502e992ec3cce46b6f210.bin
.dll windows x64

0eed1146e555b2e7265cb6cd8aeb1192

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

RtlUnwindEx
RtlVirtualUnwind
RtlPcToFileHeader
RtlCaptureContext
RtlLookupFunctionEntry

gdi32

Polyline
SetBkColor
CreateFontIndirectW
GetStockObject

kernel32

IsProcessorFeaturePresent
SetLastError
GetFullPathNameW
GetLastError
CreateFileW
GetFileInformationByHandle
GetFileInformationByHandleEx
SetFilePointerEx
CloseHandle
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
GetModuleHandleA
GetProcAddress
TryAcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetStdHandle
GetConsoleMode
WaitForSingleObject
WriteConsoleW
GetCurrentDirectoryW
AcquireSRWLockExclusive
GetCurrentProcess
ReleaseMutex
WaitForSingleObjectEx
LoadLibraryA
CreateMutexA
GetCurrentThread
GetEnvironmentVariableW
GetModuleHandleW
FormatMessageW
ExitProcess
AcquireSRWLockShared
ReleaseSRWLockShared
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedFlushSList
EncodePointer
RaiseException
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
TerminateProcess
GetModuleHandleExW
GetModuleFileNameW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
LCMapStringW
GetFileType
GetStringTypeW
HeapSize

Exports

Exports

Main
VwvBfSYL

Sections

.text
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0eed1146e555b2e7265cb6cd8aeb1192

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

gdi32

kernel32

Exports

Exports

Sections

.text Size: 231KB - Virtual size: 230KB

.rdata Size: 98KB - Virtual size: 98KB

.data Size: 3KB - Virtual size: 7KB

.pdata Size: 10KB - Virtual size: 9KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 231KB - Virtual size: 230KB

.rdata
Size: 98KB - Virtual size: 98KB

.data
Size: 3KB - Virtual size: 7KB

.pdata
Size: 10KB - Virtual size: 9KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 3KB - Virtual size: 3KB