f78d1df059683b7c09433fd5d680d0d6[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

f78d1df059683b7c09433fd5d680d0d6.bin
Size

1.8MB
MD5

f78d1df059683b7c09433fd5d680d0d6
SHA1

b904237c6fcf1a9c148b4564b6c199d03f654d47
SHA256

90e15eaf6385b41fcbf021ecbd8d86b8c31ba48c2c5c3d1edb8851896f4f72fe
SHA512

4a695bcdb63e0e46339d33fb4ae4a87aa9a5536c1b576b65046a477c33ab3efe2cf51c538603809b854b1b6dd578fe7c33c4d4343afd9fbf8f6df1fe60705dd3
SSDEEP

49152:w0Iq4gmKBTmSjvxCHtCIH+lCuR4fgt8oX4JM:zIq3mJeoN+UuRQgZX4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f78d1df059683b7c09433fd5d680d0d6.bin

Files

f78d1df059683b7c09433fd5d680d0d6.bin
.exe windows x86

212b7b90e71db8c51c92e4ee95340adf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RaiseException
FlushInstructionCache
lstrlenW
MultiByteToWideChar
lstrcmpW
GetModuleFileNameW
FlushFileBuffers
CreateFileW
WriteConsoleW
SetStdHandle
GetStringTypeW
LCMapStringW
GetConsoleMode
GetConsoleCP
SetFilePointer
IsValidCodePage
GetOEMCP
GetCPInfo
HeapReAlloc
HeapSize
IsDebuggerPresent
UnhandledExceptionFilter
QueryPerformanceCounter
LeaveCriticalSection
TlsFree
TlsSetValue
TlsAlloc
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
WriteFile
ExitProcess
SetUnhandledExceptionFilter
MoveFileA
RtlUnwind
DecodePointer
EncodePointer
GetStartupInfoW
HeapSetInformation
GetCommandLineW
CreateEventW
LocalAlloc
LocalFree
GetEnvironmentVariableW
GetACP
lstrlenA
lstrcatA
lstrcpyA
WideCharToMultiByte
TerminateProcess
WaitForDebugEvent
ContinueDebugEvent
CloseHandle
GetSystemTimeAsFileTime
GetTickCount
WaitForSingleObject
Sleep
InterlockedPopEntrySList
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
HeapAlloc
GetProcessHeap
HeapFree
InterlockedPushEntrySList
InterlockedCompareExchange
GetCurrentProcessId
GetCurrentThreadId
DeleteCriticalSection
lstrcmpiW
LockResource
EnterCriticalSection
GetProcAddress
SetLastError
GetVersionExW
TlsGetValue
GetLastError
SizeofResource
InitializeCriticalSectionAndSpinCount
LoadLibraryW
GetModuleHandleW
GetCurrentProcess
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
LoadResource
FreeLibrary
FindResourceW
HeapCreate
VirtualQuery

user32

LoadAcceleratorsW
DispatchMessageW
GetWindow
GetWindowThreadProcessId
GetMessagePos
DefWindowProcW
CallWindowProcW
GetMonitorInfoW
SetMenuItemInfoW
DrawFrameControl
UnregisterClassA
DestroyWindow
TranslateAcceleratorW
ScreenToClient
GetWindowRect
IsMenu
GetMessageW
MonitorFromPoint
PostQuitMessage
CharNextW
GetWindowDC
RegisterWindowMessageW
FillRect
GetMenuItemID
LoadImageW
PostMessageW
DrawTextW
GetKeyState
GetSubMenu
LoadStringA
GetFocus
DialogBoxParamW
GetParent
LoadCursorW
CallNextHookEx
MessageBeep
IsWindowEnabled
WindowFromPoint
GetClientRect
SetFocus
DrawEdge
GetMenuItemInfoW
SetRectEmpty
ModifyMenuW
BeginPaint
PtInRect
GetClassInfoExW
CharLowerW
GetDC
TranslateMessage
EndPaint
InflateRect
GetMenu
RegisterClassExW
OffsetRect
TrackPopupMenuEx
CheckMenuRadioItem
InvalidateRect
LoadMenuW
GetWindowLongW
AppendMenuW
SystemParametersInfoW
PeekMessageW
GetClassNameW
ReleaseDC
MonitorFromWindow
SetWindowLongW
EndDialog
GetSysColor
SetWindowPos
LoadStringW
ShowWindow
SetMenu
CreatePopupMenu
GetSysColorBrush
FrameRect
LoadBitmapW
GetActiveWindow
GetMenuItemCount
IsWindow
RemoveMenu
CreateWindowExW
SetMenuDefaultItem
SetWindowsHookExW
UnhookWindowsHookEx
GetSystemMetrics
IsWindowVisible
SendMessageW
MapWindowPoints
UpdateWindow
DestroyMenu

advapi32

RegEnumKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegSetValueExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW

ole32

CoCreateInstance
CoUninitialize
CoTaskMemRealloc
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysAllocString
VariantClear
VarUI4FromStr
SysFreeString

comctl32

CreateStatusWindowW
ImageList_Create
ImageList_GetImageCount
ImageList_LoadImageW
InitCommonControlsEx
ImageList_AddMasked
ImageList_Draw
ImageList_Destroy
ImageList_DrawIndirect

uxtheme

IsThemeActive
IsAppThemed

gdi32

GetStockObject
GetObjectW
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
DeleteObject
SetBkMode
CreateBitmap
SetBkColor
GetCurrentObject
SetBrushOrgEx
CreateFontIndirectW
CreateDIBSection
DeleteDC
SetTextColor
PatBlt
BitBlt
CreatePatternBrush

Sections

.text
Size: 546KB - Virtual size: 546KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

212b7b90e71db8c51c92e4ee95340adf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

uxtheme

gdi32

Sections

.text Size: 546KB - Virtual size: 546KB

.rdata Size: 90KB - Virtual size: 90KB

.data Size: 1.1MB - Virtual size: 1.2MB

.rsrc Size: 40KB - Virtual size: 39KB

.text
Size: 546KB - Virtual size: 546KB

.rdata
Size: 90KB - Virtual size: 90KB

.data
Size: 1.1MB - Virtual size: 1.2MB

.rsrc
Size: 40KB - Virtual size: 39KB