a292fee8d8db83711e72c06d6f82562d[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

a292fee8d8db83711e72c06d6f82562d.bin
Size

759KB
MD5

ebcc95c7d6f44a7dd4ddee306d2da8ae
SHA1

77cbc3e41c65011bed5e5741a33e241281d2a0de
SHA256

72e2d53918704fb18a6e23d8b5f7b43c6df1ae1c7f5fa6e756a44becb1ae65f7
SHA512

68d6aa1be5e57f382891d969fe8ba438a7b0108c2705264cd952e7be427e642daf9c123e5168d9036b2ff8d550cf5810244184a20709b0476d46389d9bfc48e4
SSDEEP

12288:ysQFrBz8HEsbzfxbQX06KfmB5Mfa4Zy5/6XsttafneqKgxEVMbwMEHt+B3My2HZ:ysYrBKrbek6KeBr4osceBZEeEMEHtWa5

Score

1^/10

Malware Config

Signatures

Files

a292fee8d8db83711e72c06d6f82562d.bin
.zip

Password: infected
df5b004be71717362e6b1ad22072f9ee4113b95b5d78c496a90857977a9fb415.exe
.exe windows x86

Password: infected

0342305287526630b0692bf1d3350409

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetProcAddress
ExitProcess
FreeLibrary
GetEnvironmentStrings
SleepEx
GetTickCount
VirtualAlloc
GetCommandLineA
GetTickCount64
CreateDirectoryA
GetModuleFileNameA
FindFirstFileW
SetHandleCount
VirtualProtect
GetCurrentProcess
GetConsoleOutputCP
lstrlenW
GetStdHandle
WriteConsoleA
DeviceIoControl
GetConsoleCP
LeaveCriticalSection
lstrlenA
LocalAlloc
CreateFileW
GetFileAttributesW
GetCurrentThreadId
lstrcmpA
GetSystemDirectoryW
GetCurrentDirectoryA
GetModuleHandleA
SetFileAttributesW
GetFileInformationByHandle
LocalFileTimeToFileTime
GetFileAttributesA
FindClose
GetCurrentThread
LoadLibraryA
TlsAlloc
FindResourceExW
GetWindowsDirectoryA
LoadResource
FindResourceW
SetStdHandle
SystemTimeToFileTime
GetModuleHandleW
TlsGetValue
TlsFree
QueryPerformanceCounter
SetUnhandledExceptionFilter
WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetProcessHeap
DecodePointer
LCMapStringW
FindNextFileA
LoadLibraryExA
CreateFileA
FindFirstFileA
FreeEnvironmentStringsW
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
RaiseException
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsSetValue
LoadLibraryExW
GetModuleHandleExW
GetModuleFileNameW
WriteFile
HeapAlloc
HeapFree
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW

user32

GetFocus
GetCaretPos
MessageBoxW
GetClipboardOwner
GetOpenClipboardWindow
GetActiveWindow
GetInputState
MessageBoxA
GetMessageTime
SetWindowsHookExW
GetDesktopWindow
GetProcessWindowStation
GetCursorPos
CloseWindow
DestroyWindow
SendMessageTimeoutA
DefWindowProcA
CreateDialogParamA
PostQuitMessage
FindWindowA
GetClipboardViewer

advapi32

RegCloseKey
RegOpenKeyA
RegEnumKeyA

shlwapi

PathAppendA
PathFileExistsW

Sections

.text
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 681KB - Virtual size: 683KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

0342305287526630b0692bf1d3350409

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 107KB - Virtual size: 106KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 681KB - Virtual size: 683KB

.rsrc Size: 123KB - Virtual size: 123KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 107KB - Virtual size: 106KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 681KB - Virtual size: 683KB

.rsrc
Size: 123KB - Virtual size: 123KB

.reloc
Size: 6KB - Virtual size: 6KB