2db4e85f42ab1b1b22a6829f273566a7[.]bin[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2db4e85f42ab1b1b22a6829f273566a7.bin.exe
Size

408KB
MD5

2db4e85f42ab1b1b22a6829f273566a7
SHA1

9883c2037aba20b5a962a121030360e989261bde
SHA256

1b23f6605bf3ee638b369bc344cbd02591b5a9ab320a874b07088652b8d93888
SHA512

762fadae6456a02aece3f7a49191d6f7dad3be95ff99562bb53cd2e0d529978911e8765af9652ec8d1d7f3562d5f5ca4dc8a331eae1ccbe81d2f8e203d0cd132
SSDEEP

6144:AZqs7XDQk8PFrWKN5nwtm/NYGridElYaa/7d8BrNtDAqlPJedOJKn4eirAj:AZqs7XWiKNBwaNtCZNKJdJZsj

Score

1^/10

Malware Config

Signatures

Files

2db4e85f42ab1b1b22a6829f273566a7.bin.exe
.exe windows x86

2053909a946a770e91562fee33517d62

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
SetEndOfFile
SetFilePointer
GetFileSize
SetLastError
WriteFile
GetLastError
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GetLocalTime
CompareStringA
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
InterlockedExchange
CreateThread
ResumeThread
GetExitCodeThread
CreateFileA
ReadFile
FlushFileBuffers
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetConsoleMode
GetConsoleCP
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoA
GetSystemTimeAsFileTime
SetThreadPriority
QueryPerformanceCounter
GetFileType
CloseHandle
WaitForSingleObject
ReleaseMutex
InterlockedDecrement
FreeLibrary
SetHandleCount
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
ExitProcess
HeapSize
GetOEMCP
GetACP
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStringTypeA
LCMapStringA
GetStartupInfoA
HeapAlloc
GetVersionExA
GetCommandLineA
RtlUnwind
RaiseException
IsDebuggerPresent
SetUnhandledExceptionFilter
GetCurrentProcess
HeapFree
GetProcessHeap
lstrlenA
InterlockedCompareExchange
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
UnhandledExceptionFilter

advapi32

RegCloseKey

user32

GetDlgCtrlID
IsWindowEnabled
EndDialog
ScreenToClient
SetTimer
GetParent
GetMessagePos
GetWindowRect
ShowWindow
UpdateWindow
KillTimer
SetFocus
SetForegroundWindow
SetCursor
GetDesktopWindow
GetDlgItem

gdi32

DeleteObject

shell32

SHGetFolderPathW

comctl32

ImageList_Destroy
ImageList_Add
ImageList_Create
InitCommonControlsEx

netapi32

NetApiBufferFree
NetServerEnum

ws2_32

WSAStartup
WSACleanup
gethostname

ole32

CoSetProxyBlanket
CoUninitialize
CoInitializeEx
CoCreateInstance
CoInitializeSecurity

oleaut32

VariantInit
SysStringByteLen
SysAllocStringByteLen
VariantClear
SysFreeString
SysStringLen
SysAllocString

Sections

.text
Size: 196KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hnvshr
Size: 4KB - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2053909a946a770e91562fee33517d62

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

shell32

comctl32

netapi32

ws2_32

ole32

oleaut32

Sections

.text Size: 196KB - Virtual size: 193KB

.rdata Size: 32KB - Virtual size: 31KB

.data Size: 8KB - Virtual size: 15KB

.hnvshr Size: 4KB - Virtual size: 4B

DATA Size: 164KB - Virtual size: 161KB

.text
Size: 196KB - Virtual size: 193KB

.rdata
Size: 32KB - Virtual size: 31KB

.data
Size: 8KB - Virtual size: 15KB

.hnvshr
Size: 4KB - Virtual size: 4B

DATA
Size: 164KB - Virtual size: 161KB