b8520c5bad88ade394086cb7b1b7b631[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

b8520c5bad88ade394086cb7b1b7b631.bin
Size

505KB
MD5

b8520c5bad88ade394086cb7b1b7b631
SHA1

1d4c5ab9c9ccd04b2d08bf3cfa0ff0bcc56cfd54
SHA256

a8b31d491f4e7f41e7a7c3aeb35030ba3363dfb34ae74c84b02c25df125db23d
SHA512

fd906c2cd0dd481eb826ff5c6382acd3586707f1ac3740896709021dab71887a43d3af81a22e81b01b0843b1949eb1823950f49d4277ad528f271c9263c51aa1
SSDEEP

6144:MtO6bbermk6FyyerJapfdZf6QE5+ht29iU:ynbayeVapj6d5utpU

Score

1^/10

Malware Config

Signatures

Files

b8520c5bad88ade394086cb7b1b7b631.bin
.dll windows x86

d3d4006920c2c1d9a10409b75aa96228

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileW
DecodePointer
DeleteCriticalSection
DisableThreadLibraryCalls
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapQueryInformation
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
RtlUnwind
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAllocEx
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

MessageBoxA
MessageBoxW

Exports

Exports

GetCLRRuntimeHost
dfvgihkyihdlfsghh
dfyiasihfsdghtghsog
fdaskufhgbksuthlyijhrd
fghdftiyhsabfuDFERKF

Sections

.text
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 203KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.voltbl
Size: 512B - Virtual size: 204B

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3d4006920c2c1d9a10409b75aa96228

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 230KB - Virtual size: 230KB

.rdata Size: 60KB - Virtual size: 60KB

.data Size: 203KB - Virtual size: 206KB

.00cfg Size: 512B - Virtual size: 4B

.voltbl Size: 512B - Virtual size: 204B

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 230KB - Virtual size: 230KB

.rdata
Size: 60KB - Virtual size: 60KB

.data
Size: 203KB - Virtual size: 206KB

.00cfg
Size: 512B - Virtual size: 4B

.voltbl
Size: 512B - Virtual size: 204B

.reloc
Size: 9KB - Virtual size: 8KB