2ffaa8cbc7f0d21d03d3dd897d974dba[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

2ffaa8cbc7f0d21d03d3dd897d974dba.bin
Size

56KB
MD5

2ffaa8cbc7f0d21d03d3dd897d974dba
SHA1

6dff9a9f13300a5ce72a70d907ff7854599e990a
SHA256

cfa65036aff012d7478694ea733e3e882cf8e18f336af5fba3ed2ef29160d45b
SHA512

a40e053f283181634da4882c8d000bf7444cb727b21108808cab416dd1ba4314133aa7d8be8916c91aa0e564d63947971bd6396dce45893f20498ac62c7a8ed6
SSDEEP

768:KQNhSWjo4jqjJ1Ybqq/HAISOegJwb/U5jNJtX95zXW3EuNMyySsvdWI9w8RDGUFq:JhSx4jCOOq6OVEs9Le8RyUFDgqg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ffaa8cbc7f0d21d03d3dd897d974dba.bin

Files

2ffaa8cbc7f0d21d03d3dd897d974dba.bin
.dll windows x64

d26c98c723fc2ca5f1e0ed657432bc22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CloseHandle
SetEvent
InitializeSListHead
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
ResetEvent

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
memcpy
__std_type_info_destroy_list
__std_exception_destroy
__C_specific_handler
__std_terminate
memset
_CxxThrowException

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_initialize_onexit_table

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

Exports

Exports

unify

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d26c98c723fc2ca5f1e0ed657432bc22

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140_1

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

Exports

Exports

Sections

.text Size: 45KB - Virtual size: 45KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 7KB

.pdata Size: 1024B - Virtual size: 864B

.reloc Size: 512B - Virtual size: 92B

.text
Size: 45KB - Virtual size: 45KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 7KB

.pdata
Size: 1024B - Virtual size: 864B

.reloc
Size: 512B - Virtual size: 92B