07df8d223f8a370cd703d177d7e93a36[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

07df8d223f8a370cd703d177d7e93a36.bin
Size

121KB
MD5

07df8d223f8a370cd703d177d7e93a36
SHA1

9d1ecbbe8637fed0d89fca1af35ea821277ad2e8
SHA256

2c0cfe2f4f1e7539b4700e1205411ec084cbc574f9e4710ecd4733fbf0f8a7dc
SHA512

5066061da116e2c7563f86d316515c4c80bb22a031652cab53de2d4bcda0e3ee816bc910740ce9c26049d5f59c723aeb6b143b1a4ef2135360e179f52d7ed615
SSDEEP

3072:FvuyK6OvtzzjymM0EAA8QYgfVtuUUDH9A6PvMg6H8D/XR8:Fw6eLy+tAzruUUDH9A6XXR8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07df8d223f8a370cd703d177d7e93a36.bin

Files

07df8d223f8a370cd703d177d7e93a36.bin
.dll windows x86

adb48a7c9946b549540881552e2ca933

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

cabinet

FCIFlushCabinet
FCICreate
FCIDestroy
FCIAddFile

kernel32

GetFileInformationByHandle
GetLastError
GetFileAttributesA
CreateFileA
CloseHandle
FileTimeToLocalFileTime
lstrcpynA
FileTimeToDosDateTime
GetModuleFileNameW
SetErrorMode
GetVersionExW
Sleep
DeleteFileW
GetWindowsDirectoryW
VirtualQuery
GetCurrentProcess
VirtualAllocEx
VirtualFreeEx
ReadFile
FindFirstFileW
WriteProcessMemory
FindNextFileW
WriteFile
GetPrivateProfileIntW
SetFilePointer
SetEndOfFile
FindClose
WaitForSingleObject
CreateFileW
GetTickCount64
GetDiskFreeSpaceExW
CreateThread
GetFileSize
CopyFileW
WideCharToMultiByte
MoveFileW
HeapReAlloc
HeapSize
FlushFileBuffers
WriteConsoleW
GetStringTypeW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetConsoleMode
ReadConsoleW
GetFileType
GetConsoleCP
SetFilePointerEx
ExitThread
ResumeThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
HeapFree
HeapAlloc
MultiByteToWideChar
CompareStringW
LCMapStringW
SetStdHandle
GetStdHandle
GetFileAttributesExW
GetFileSizeEx
DecodePointer

user32

wsprintfW

shell32

SHCreateDirectoryExW

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
CoCreateInstance

shlwapi

PathRemoveExtensionW
PathAppendW
PathFindFileNameW
PathFindExtensionW
PathRenameExtensionW
PathRemoveFileSpecW
PathFileExistsW

Exports

Exports

ModuleStart
ModuleStart64

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adb48a7c9946b549540881552e2ca933

Headers

DLL Characteristics

File Characteristics

Imports

cabinet

kernel32

user32

shell32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 28KB - Virtual size: 28KB

.data Size: 2KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 28KB - Virtual size: 28KB

.data
Size: 2KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 5KB - Virtual size: 5KB