a7f4dbbedb3c2899d1e047847044d6d7[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

a7f4dbbedb3c2899d1e047847044d6d7.bin
Size

149KB
MD5

bde02d45a9a33fa6134e24930d48afad
SHA1

07748e791a4b0eeec8deb96f69ae79d2510c4ab2
SHA256

b2c469f9ae39a24a1a232d09b8d965edf7b47747499237d7b248902b6c64b79b
SHA512

9f632c40f1114099261565a1f9ce487740b422b0894e63554ab1d647167348127091d320451f563a78aba17eb42890bf5794e65b31a95eeb9f248cd7cf76dc08
SSDEEP

3072:iUwhPFuFkkqZP8y1SboR97u6hteSsPpAajbXb3lMYCXzDk5IOffUF:iTFizyEKJh7repX5MvXzDk1+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/42d18e186ce411812e02008023380c2f968d4e1a304040a7002ea56c77bb7342.exe

Files

a7f4dbbedb3c2899d1e047847044d6d7.bin
.zip

Password: infected
42d18e186ce411812e02008023380c2f968d4e1a304040a7002ea56c77bb7342.exe
.exe windows x86

Password: infected

55fbfc75ff3e3b3dbc89bbe374193fa5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileSizeEx
GetFileTime
GetStartupInfoW
HeapFree
HeapAlloc
RtlUnwind
ExitProcess
HeapReAlloc
RaiseException
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetProcessHeap
FileTimeToLocalFileTime
GetTickCount
SetErrorMode
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
FileTimeToSystemTime
lstrlenA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GetModuleHandleA
GetThreadLocale
InterlockedIncrement
GetCurrentProcessId
GlobalAddAtomW
GlobalFindAtomW
GetVersionExW
CompareStringW
LoadLibraryA
GetVersionExA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
FreeResource
InterlockedDecrement
SetLastError
GlobalFree
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryExW
CompareStringA
WideCharToMultiByte
InterlockedExchange
GlobalLock
lstrcmpW
GlobalAlloc
GetModuleHandleW
MultiByteToWideChar
Sleep
WriteFile
CreateFileW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
GetLastError
CreateDirectoryW
GetFileAttributesW
GetCurrentThreadId
CloseHandle
WaitForSingleObject
CreateProcessW
lstrlenW
FindResourceW
LoadResource
LockResource
GetSystemTimeAsFileTime
SizeofResource

user32

RegisterClipboardFormatW
PostThreadMessageW
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
UnregisterClassW
GetSysColorBrush
ReleaseCapture
LoadCursorW
SetCapture
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
CharNextW
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
IsChild
GetCapture
GetClassLongW
GetClassNameW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DefWindowProcW
CallWindowProcW
CopyRect
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetAsyncKeyState
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetWindowTextW
GetFocus
SetFocus
ShowWindow
MoveWindow
SetWindowLongW
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
CharUpperW
DestroyMenu
MessageBeep
GetNextDlgGroupItem
SetPropW
InvalidateRgn
GetThreadDesktop
OpenInputDesktop
CreateDesktopW
SetThreadDesktop
SwitchDesktop
CloseDesktop
GetSystemMetrics
GetClientRect
EnableWindow
GetWindowRect
GetParent
SendMessageW
PostMessageW
PostQuitMessage
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
SetWindowPos
MapDialogRect
SetWindowContextHelpId
GetWindow
EndDialog
GetNextDlgTabItem
IsWindowEnabled
GetDlgItem
GetWindowLongW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
SetActiveWindow
GetActiveWindow
GetDesktopWindow
SendDlgItemMessageW
WinHelpW

gdi32

ExtSelectClipRgn
DeleteDC
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
CreateRectRgnIndirect
GetDeviceCaps
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
Escape

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegQueryValueExW
RegDeleteKeyW
RegCloseKey
RegSetValueExW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleIsCurrentClipboard
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoTaskMemFree
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

SysFreeString
VariantInit
VariantClear
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetUBound
SysAllocStringLen
SysStringLen
VariantChangeType
OleCreateFontIndirect
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocString

Sections

.text
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

55fbfc75ff3e3b3dbc89bbe374193fa5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 217KB - Virtual size: 216KB

.rdata Size: 56KB - Virtual size: 56KB

.data Size: 11KB - Virtual size: 26KB

.rsrc Size: 17KB - Virtual size: 17KB

.text
Size: 217KB - Virtual size: 216KB

.rdata
Size: 56KB - Virtual size: 56KB

.data
Size: 11KB - Virtual size: 26KB

.rsrc
Size: 17KB - Virtual size: 17KB