3521e879e8068fc25d117365e11ff4f9[.]bin

Resubmissions

28/07/2023, 12:35

230728-psgveadh7y 10

08/03/2023, 01:07

230308-bgqraadc55 10

Sharing

Copy URL

Twitter E-mail

General

Target

3521e879e8068fc25d117365e11ff4f9.bin
Size

213KB
MD5

01ef525024624af30c621cc6b4f363d2
SHA1

7b59fbfd219ec2d285b54734133321291d176ef8
SHA256

cd85d2a80ecb55fb5985e02ceb6df0fdd95e96df9c185c344a28d4a413aad71e
SHA512

7c7d9fc810d295a0e44b762d8e78f89b4eeddfe3ca169fe79e2301efdb95670e394d498f892c4d73a100ed8733552be24c087ebf64e3244de48ec5b9c56229ba
SSDEEP

3072:dOvzf1efu5UQDl6uBAo+Gij/Jc+J4xgAT48gQcEhG+Y68VWd8vmpjtGCh4KA12gc:oLffHkuBrijRcS81fc5s8+prCKAE

Score

1^/10

Malware Config

Signatures

Files

3521e879e8068fc25d117365e11ff4f9.bin
.zip

Password: infected
c992bf37cf07477cd38a4e168f0be2784e2259c42ec59657ff501ff7c9e0e21e.exe
.exe windows x86

Password: infected

c9a1ea6ee9933a54370224269d277665

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
FormatMessageA
CreateFileW
RaiseException
SetStdHandle
SetFilePointerEx
LCMapStringW
GetConsoleMode
GetConsoleCP
GetThreadLocale
GetStringTypeW
OutputDebugStringA
LoadLibraryExW
CreateThread
WaitForSingleObjectEx
OutputDebugStringW
InitializeCriticalSection
LoadLibraryExA
GetModuleHandleExA
SetCommConfig
SetCommTimeouts
CreateToolhelp32Snapshot
GetCommandLineW
GlobalAlloc
GetConsoleTitleA
CloseHandle
GetLastError
CreateFileMappingA
MapViewOfFile
lstrcatA
GetModuleHandleW
GetProcAddress
HeapAlloc
GetStdHandle
HeapQueryInformation
HeapSize
HeapReAlloc
HeapFree
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetLocalTime
FlushFileBuffers
WriteConsoleW
TlsFree
TlsSetValue
RtlUnwind
GetCommandLineA
HeapValidate
GetSystemInfo
IsProcessorFeaturePresent
IsDebuggerPresent
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameW
GetModuleHandleExW
VirtualQuery
SetLastError
GetCurrentThreadId
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
GetEnvironmentVariableA

user32

ScrollWindow
LoadBitmapA
EnumWindows
CreateMenu
AppendMenuA
GetClipboardSequenceNumber
GetSystemMetrics
SendMessageA
GetMenu
IsWindow
GetDC
InvalidateRect
ReleaseDC
SetScrollInfo
GetScrollInfo
GetMenuItemInfoA
BeginPaint
EndPaint
DefWindowProcA
DrawTextA
GetDlgItem
SetWindowPos
AdjustWindowRect
SystemParametersInfoA
UpdateWindow
GetCursorPos
CreatePopupMenu

gdi32

CreateCompatibleBitmap
GetTextMetricsA
GetPixel
CombineRgn
GetCharacterPlacementW
SelectObject
Rectangle
BitBlt
TextOutA
CreateSolidBrush
FillRgn
DeleteObject
GetCurrentObject
GetPaletteEntries
CreateCompatibleDC
CreateRectRgn

advapi32

OpenProcessToken

shell32

CommandLineToArgvW
ShellExecuteA

ole32

CreateBindCtx

netapi32

NetWkstaUserGetInfo
NetApiBufferFree

version

GetFileVersionInfoW

iphlpapi

GetAdaptersAddresses
GetAdaptersInfo

shlwapi

StrFormatKBSizeW

sensapi

IsNetworkAlive

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

c9a1ea6ee9933a54370224269d277665

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

netapi32

version

iphlpapi

shlwapi

sensapi

Sections

.text Size: 144KB - Virtual size: 144KB

.text1 Size: 512B - Virtual size: 96B

.rdata Size: 48KB - Virtual size: 48KB

.data Size: 14KB - Virtual size: 23KB

_RDATA Size: 1KB - Virtual size: 1KB

.rsrc Size: 166KB - Virtual size: 165KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 144KB - Virtual size: 144KB

.text1
Size: 512B - Virtual size: 96B

.rdata
Size: 48KB - Virtual size: 48KB

.data
Size: 14KB - Virtual size: 23KB

_RDATA
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 166KB - Virtual size: 165KB

.reloc
Size: 9KB - Virtual size: 9KB