26c775d1c36d4633cd162d5a4ac81b8d[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

26c775d1c36d4633cd162d5a4ac81b8d.bin
Size

208KB
MD5

15a321b1faeb936122e41563b9b0d1f8
SHA1

5531c30539260afd8fb860ab84e9e830f0a45e90
SHA256

273d4f89a88ad9b6c58e393a2ef4c254f6062fab31ae3fbca9d8a54444a61d27
SHA512

e062d100d785bb8c5cb7f26d1a28c2e178a2f1184fe4b32f31c0f9751e12a77c528bfde786e97065f8314069ac9e314d5c04e56b71b5b1d7e5629efc71d58bf8
SSDEEP

3072:Yy8xJ15G4ceB/5Zg5ojvbr82OEoF3L+D/OcgQnB5r+SOYX5w4GPxFobIb3d+BRUm:H8L+eB/5qYbA3Lzc3BBX5w4GkBBMZBBa

Score

1^/10

Malware Config

Signatures

Files

26c775d1c36d4633cd162d5a4ac81b8d.bin
.zip

Password: infected
00cf0d57fcce08e10952008c2b901093155c5045972e2cdbdcec667811986d25.exe
.exe windows x86

Password: infected

b436a108241919d1ed46fd1d53c12eaa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFiber
GetConsoleAliasExesA
GetCPInfo
InterlockedIncrement
GetConsoleAliasA
GetCurrentProcess
EnumCalendarInfoExW
GetWindowsDirectoryA
GetGeoInfoW
FindResourceExA
GlobalAlloc
LoadLibraryW
SetCommConfig
LeaveCriticalSection
HeapCreate
IsBadStringPtrA
DisconnectNamedPipe
LCMapStringA
SetLastError
GetProcAddress
VirtualAlloc
EnumSystemCodePagesW
LoadLibraryA
DnsHostnameToComputerNameA
AddAtomW
CreateEventW
GetCommMask
SetConsoleCursorInfo
lstrcmpiW
GetModuleHandleA
GetCommTimeouts
BuildCommDCBA
VirtualProtect
EndUpdateResourceA
GetWindowsDirectoryW
GetVolumeNameForVolumeMountPointW
LCMapStringW
HeapAlloc
MultiByteToWideChar
GetModuleHandleW
Sleep
ExitProcess
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLastError
HeapFree
DeleteCriticalSection
EnterCriticalSection
VirtualFree
HeapReAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
HeapSize
RaiseException
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlUnwind
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

LoadMenuA
GetCaretPos
GetMenuItemID

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hixonu
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hutu
Size: 1024B - Virtual size: 723B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xegoxi
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

b436a108241919d1ed46fd1d53c12eaa

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 67KB - Virtual size: 67KB

.data Size: 92KB - Virtual size: 183KB

.hixonu Size: 1024B - Virtual size: 624B

.hutu Size: 1024B - Virtual size: 723B

.xegoxi Size: 1024B - Virtual size: 963B

.rsrc Size: 151KB - Virtual size: 151KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 67KB - Virtual size: 67KB

.data
Size: 92KB - Virtual size: 183KB

.hixonu
Size: 1024B - Virtual size: 624B

.hutu
Size: 1024B - Virtual size: 723B

.xegoxi
Size: 1024B - Virtual size: 963B

.rsrc
Size: 151KB - Virtual size: 151KB

.reloc
Size: 6KB - Virtual size: 6KB