rtIZPTvjyNuc5ZpbjKKxpzG3BsngC-lzvfS-JdIOZ1k[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

rtIZPTvjyNuc5ZpbjKKxpzG3BsngC-lzvfS-JdIOZ1k.bin
Size

258KB
MD5

5fd52fcfdc658af2cdd97ac93ae6eb9d
SHA1

3ab042f572ef07df61fc552f37b52ebfcac0f7fc
SHA256

aed2193d3be3c8db9ce59a5b8ca2b1a731b706c9e00bf973bdf4bf25d20e6759
SHA512

423862bbc63ac777d5993354966ea9862d1b2f83801e7013384252d04945bc47029e500522f3f8d0c724a4e890d1cc31c0f7fde4e214ecb5d0ff5d24454c6d85
SSDEEP

3072:j+OzZ5iQJc0J4ISULHOzKD24kvKS8dcu7WoBqEY+hAvRUd9MUSOiKXN56:j+O95iqc0KISmD2Tvt82oaEWcqUlia6

Score

1^/10

Malware Config

Signatures

Files

rtIZPTvjyNuc5ZpbjKKxpzG3BsngC-lzvfS-JdIOZ1k.bin
.dll regsvr32 windows x86

3d757dd01aef8a2f23b0e59a16f90f82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memset
memmove
wcsncmp
wcsncpy
memcpy
_CIpow
_wcsicmp
wcslen
wcscpy

kernel32

HeapCreate
HeapDestroy
GetModuleHandleW
UnregisterWait
CloseHandle
EnterCriticalSection
LeaveCriticalSection
HeapFree
TlsFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
TlsGetValue
HeapAlloc
GetCurrentProcess
GetCurrentThread
DuplicateHandle
RegisterWaitForSingleObject
TlsSetValue
WideCharToMultiByte
MultiByteToWideChar
HeapReAlloc

user32

CreateCursor
CheckDlgButton
CopyIcon
CreateIcon
CharLowerW
ChildWindowFromPoint
CheckMenuItem
CharUpperW
ChildWindowFromPointEx
CreateCaret
CopyImage
CountClipboardFormats
CascadeWindows
CheckRadioButton
CreateIconFromResource
CopyRect
CreateAcceleratorTableW
CloseWindow
CharPrevW
CharNextW
GetForegroundWindow

odbc32

ord43
ord31
ord9
ord108
ord18
ord24
ord176
ord111
ord20
ord30
ord13
ord107
ord141
ord75
ord72
ord135

Exports

Exports

Beach_
Bears256
Captain32
Counts8
Dishes_
DllInstall
DllRegisterServer
Enlist_
Feelings8
Marine_
Queries16
Tons32
Visa_
Volumes64
Wolf16

Sections

.code
Size: 193KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3d757dd01aef8a2f23b0e59a16f90f82

Headers

File Characteristics

Imports

msvcrt

kernel32

user32

odbc32

Exports

Exports

Sections

.code Size: 193KB - Virtual size: 192KB

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 512B - Virtual size: 368B

.data Size: 13KB - Virtual size: 29KB

.rsrc Size: 26KB - Virtual size: 25KB

.reloc Size: 11KB - Virtual size: 10KB

.code
Size: 193KB - Virtual size: 192KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 512B - Virtual size: 368B

.data
Size: 13KB - Virtual size: 29KB

.rsrc
Size: 26KB - Virtual size: 25KB

.reloc
Size: 11KB - Virtual size: 10KB