dc0f7e1821a3b0cd37b3be3ca342ade5[.]bin

General

Target

dc0f7e1821a3b0cd37b3be3ca342ade5.bin
Size

52KB
MD5

dc0f7e1821a3b0cd37b3be3ca342ade5
SHA1

8c955a9cd57cd778e83dbfeb907fbb044ab16274
SHA256

fa5f32457d0ac4ec0a7e69464b57144c257a55e6367ff9410cf7d77ac5b20949
SHA512

c083f941799dfe396374d560c8c359ff02047ea64a007b9b24cc719a4e9c80ba517fd86b59800f7953a162ebfb2e59cd57d3fdc46c58873888ca9e46c0b9aca4
SSDEEP

768:/gezL8b12LTJC66eGzhlwnx/QoAEv/8PoGi3o:YMK0LTJPWTkQDQGoN3o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc0f7e1821a3b0cd37b3be3ca342ade5.bin

Files

dc0f7e1821a3b0cd37b3be3ca342ade5.bin
.dll windows x86

dfc9cb4567b86317dfc0fdf8114debed

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

CommandLineToArgvW

kernel32

TlsFree
VirtualAlloc
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualQueryEx
ReadProcessMemory
GetThreadContext
CreateProcessA
GetStartupInfoA
ResumeThread
SetThreadContext
CloseHandle
TerminateProcess
WriteProcessMemory
VirtualProtectEx
VirtualFree
GetModuleHandleA
GetCurrentProcess
GetEnvironmentVariableA
WideCharToMultiByte
GetCommandLineW
ReadFile
SetFilePointer
GetFileSize
CreateFileA
ExitProcess
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetVersionExA
HeapDestroy
HeapCreate
WriteFile
HeapReAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dfc9cb4567b86317dfc0fdf8114debed

Headers

File Characteristics

Imports

shell32

kernel32

Sections

.text Size: 24KB - Virtual size: 20KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 13KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 24KB - Virtual size: 20KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 13KB

.reloc
Size: 8KB - Virtual size: 8KB