aa4942da9a41c2c7ce12bc3855eb2350[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

aa4942da9a41c2c7ce12bc3855eb2350.bin
Size

438KB
MD5

2d199b149dd83ba5febbe393980b1f1c
SHA1

75ce107e804c40d401587bbbfea64d144423d423
SHA256

3174c0df84717ce0a70b569c70444e9b9c8a4da3d6dbe73a0fd1632cac31e610
SHA512

fbaeabb45fe4271e1cad7be8da7591b07c2d2dff4897b30ba2e93d9a1f417f08ff5e9055ff85947fad941f2b9fa4636bb3a349933d81ddf1e2153268842ab123
SSDEEP

12288:AzcwA646AfoutRVJ6cH3wl6smiTmSu1GRFZ1kr9JsOuxN:+A64quScH3wt3LCr9JsH

Score

1^/10

Malware Config

Signatures

Files

aa4942da9a41c2c7ce12bc3855eb2350.bin
.zip

Password: infected
c5fcb78f3d8f37ad58277089aa4ad3f4e6f0388ad8ee3c8e19065bab1b7f38e7.exe
.exe windows x86

Password: infected

7dc8a7abc496d99feefc72c0a0d7748c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_except_handler3
_onexit
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p__acmdln
exit
_XcptFilter
_exit
toupper
rand
srand
putchar
getc
fopen
fclose
__dllonexit
_kbhit

kernel32

EnumResourceTypesA
GetConsoleCP
LockFileEx
GetFileAttributesExW
GetCommProperties
GetMailslotInfo
GetStartupInfoA
GetModuleHandleA
SetConsoleCursorPosition
SleepEx
GetStdHandle
BeginUpdateResourceW

winmm

waveOutBreakLoop
waveInReset
timeSetEvent

msacm32

acmGetVersion
acmStreamReset
acmFilterDetailsW
acmStreamClose
acmFormatTagDetailsA
acmDriverRemove

ole32

GetClassFile
OleTranslateAccelerator
HBRUSH_UserSize
WriteClassStg

rtm

MgmGetFirstMfe
MgmReleaseInterfaceOwnership
RtmRegisterClient
RtmBlockSetRouteEnable
RtmDeregisterClient
RtmGetRouteAge
RtmIsRoute

msi

ord16
ord50
ord171
ord129
ord55
ord28
ord73

loadperf

UnloadPerfCounterTextStringsW
UnloadPerfCounterTextStringsA
LoadPerfCounterTextStringsA

mswsock

SetServiceA
rexec
GetAcceptExSockaddrs
TransmitFile
GetNameByTypeA
GetTypeByNameW
AcceptEx

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

7dc8a7abc496d99feefc72c0a0d7748c

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

kernel32

winmm

msacm32

ole32

rtm

msi

loadperf

mswsock

Sections

.text Size: 6KB - Virtual size: 5KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 6KB

.rsrc Size: 36KB - Virtual size: 35KB

.reloc Size: 1024B - Virtual size: 792B

.text
Size: 6KB - Virtual size: 5KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 36KB - Virtual size: 35KB

.reloc
Size: 1024B - Virtual size: 792B