2f441fb1898f8159f60e8be21dcf4efd[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

2f441fb1898f8159f60e8be21dcf4efd.bin
Size

265KB
MD5

2f441fb1898f8159f60e8be21dcf4efd
SHA1

e21c3f7834c3538f3374004517c3af44f8fb0b04
SHA256

fd824d0a10e176c09d7f320808a08ae80676bad2247816d53b934283adccd53b
SHA512

7dcb798bb398f5e7a1e11a002588769e0823507841f178c3711ef12cfc47928d5b3f48e608419403b1ea8868bc2bdb3988553549b24688f25b773ed749d00b47
SSDEEP

6144:fYKGQYHhXH//jB7LsN+eNCDoon0Jn7oq/zJjhJJgGZJK:fYim3F7JWQvnOrbJjDJZZ

Score

1^/10

Malware Config

Signatures

Files

2f441fb1898f8159f60e8be21dcf4efd.bin
.dll windows x86

87eca0fb5624463bc487b7b4304bc6b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptUnprotectData

kernel32

SetFilePointer
lstrlenA
PeekNamedPipe
AllocConsole
CreateProcessW
SetFilePointerEx
WaitForSingleObject
WriteFile
WideCharToMultiByte
Sleep
GetFileAttributesA
FileTimeToSystemTime
ReadFile
CreateFileW
MultiByteToWideChar
CreateDirectoryA
FindFirstFileW
FindFirstFileA
GetLastError
FindClose
GetLocalTime
CreatePipe
GetModuleFileNameA
FindNextFileA
GetFileTime
ReleaseMutex
CloseHandle
DeleteFileW
DeleteFileA
CreateThread
GetStringTypeW
CreateMutexW
GetFileSize
CreateFileA
GetComputerNameA
GetFileSizeEx
HeapSize
SetEnvironmentVariableA
CompareStringW
LCMapStringW
GetProcessHeap
SetEndOfFile
IsValidCodePage
GetOEMCP
GetACP
IsProcessorFeaturePresent
GetCPInfo
RaiseException
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
HeapFree
HeapAlloc
WriteConsoleW
GetFileType
GetStdHandle
GetModuleFileNameW
HeapReAlloc
GetSystemTimeAsFileTime
GetCurrentThreadId
DecodePointer
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetStartupInfoW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetTimeZoneInformation
HeapCreate
HeapDestroy
GetProcAddress
GetModuleHandleW
ExitProcess
GetConsoleCP
GetConsoleMode
FlushFileBuffers
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
LoadLibraryW
RtlUnwind
SetStdHandle
FreeEnvironmentStringsW

user32

ShowWindow
wsprintfW
FindWindowA

advapi32

RegQueryValueExA
RegCloseKey
GetUserNameA
RegOpenKeyExA

shell32

SHGetFolderPathA
CommandLineToArgvW
ShellExecuteW

oleaut32

SysFreeString
SysAllocStringLen

ws2_32

gethostbyname
closesocket
socket
recv
WSACleanup
htons
select
inet_addr
WSAStartup
inet_ntoa
connect
send

Sections

.text
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

87eca0fb5624463bc487b7b4304bc6b4

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

kernel32

user32

advapi32

shell32

oleaut32

ws2_32

Sections

.text Size: 229KB - Virtual size: 229KB

.rdata Size: 21KB - Virtual size: 20KB

.data Size: 5KB - Virtual size: 12KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 229KB - Virtual size: 229KB

.rdata
Size: 21KB - Virtual size: 20KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 8KB - Virtual size: 8KB