Static task
static1
Behavioral task
behavioral1
Sample
c7ade67fe0e8f4c22f73ce3168ff6e718086f1eda83cce4c065b4fe49bd5ad99.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
c7ade67fe0e8f4c22f73ce3168ff6e718086f1eda83cce4c065b4fe49bd5ad99.exe
Resource
win10v2004-20230915-en
General
Target: c15e0801502a6ad896476e64b93d6924.bin
Size: 5.3MB
MD5: 5f993477710e879e26a33eb72d29759c
SHA1: 5dd813c318af6c363ced30bc8796832ff09b846f
SHA256: 87ec43d59cf991de028fb11a0014123475ed385d36395e9c7b75b6cbecc33de2
SHA512: 365b4cda2a400cdb2020f168fe4932a2c8ac93105bdad3c3901e37471ecb921b8a8bc6dee4a867e46bad7e6cb489645fff992969f50cb815a94d8a933ae2866f
SSDEEP: 98304:KYSkNxT7r0s8GH05GdP+xyD8rIFBt6ZolgcIRTuUqMUcxisBhKcCxVixxwbtEgAH:K8H0sHx+xyD8cTlgBRTNUCB0qgAJptV3
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource unpack001/c7ade67fe0e8f4c22f73ce3168ff6e718086f1eda83cce4c065b4fe49bd5ad99.bin
Files
c15e0801502a6ad896476e64b93d6924.bin.zip (Password: infected)
c7ade67fe0e8f4c22f73ce3168ff6e718086f1eda83cce4c065b4fe49bd5ad99.bin.exe windows:4 windows x86 (Password: infected)
8f33b8e3f17abf9dbb148477ede548f6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
ExitProcess
HeapReAlloc
HeapSize
VirtualAlloc
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
Sleep
SetStdHandle
GetConsoleCP
GetConsoleMode
SetEnvironmentVariableA
SetEnvironmentVariableW
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
GetTickCount
SetErrorMode
FindResourceExW
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SystemTimeToFileTime
FileTimeToSystemTime
GlobalFlags
InterlockedIncrement
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalGetAtomNameW
GetShortPathNameW
GetVolumeInformationW
GetCurrentProcess
DuplicateHandle
GetFileSize
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
lstrcmpiW
GetThreadLocale
GetStringTypeExW
MoveFileW
VirtualProtect
GetDiskFreeSpaceW
GetFullPathNameW
GetFileAttributesW
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
WritePrivateProfileStringW
GetPrivateProfileIntW
InterlockedDecrement
GetVersionExW
GetCurrentProcessId
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
FreeLibrary
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
FreeResource
GlobalFree
GlobalAlloc
FormatMessageW
LocalFree
lstrlenW
MulDiv
FindFirstFileA
RemoveDirectoryA
FindNextFileA
FindClose
GetCurrentDirectoryA
GetModuleHandleA
FindResourceA
SetEndOfFile
DeleteFileA
CreateProcessA
GetExitCodeProcess
GetTempPathA
CreateFileA
WriteFile
CreateDirectoryA
GetFileTime
SetFileTime
FindFirstFileW
GlobalLock
GlobalUnlock
GetTempPathW
GetTempFileNameW
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
lstrlenA
DeleteFileW
GetPrivateProfileStringW
GetModuleFileNameW
GetLastError
SetLastError
GetProcAddress
GetModuleHandleW
LoadLibraryW
CreateFileW
CloseHandle
GetEnvironmentVariableW
SetCurrentDirectoryW
WideCharToMultiByte
GetCurrentDirectoryW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
QueryPerformanceCounter
SizeofResource
user32
CopyAcceleratorTableW
CreateMenu
PostThreadMessageW
GetTabbedTextExtentA
GetDCEx
LockWindowUpdate
RegisterClipboardFormatW
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
CreatePopupMenu
SetRectEmpty
SetMenu
RedrawWindow
TranslateMDISysAccel
BringWindowToTop
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
GetDC
ReleaseDC
DestroyCursor
SetRect
CharUpperW
MapDialogRect
GetAsyncKeyState
SetCapture
SetWindowRgn
DrawIcon
FillRect
IsRectEmpty
FindWindowW
SystemParametersInfoW
LoadMenuW
DestroyMenu
ShowOwnedPopups
PostQuitMessage
GetMessageW
ValidateRect
GetWindowThreadProcessId
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetForegroundWindow
ShowScrollBar
IsWindowVisible
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
CopyRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetActiveWindow
SetActiveWindow
GetSystemMetrics
CreateDialogIndirectParamW
DestroyWindow
IsWindow
IsWindowEnabled
GetNextDlgTabItem
EndDialog
GetWindowTextLengthW
GetWindowTextW
GetScrollPos
SetScrollPos
GetWindow
SetFocus
GetMenuState
GetMenuStringW
AppendMenuW
GetMenuItemID
InsertMenuW
GetMenuItemCount
GetSubMenu
RemoveMenu
LoadCursorW
SetCursor
GetClassNameW
SetWindowLongW
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
InvalidateRect
EqualRect
DestroyIcon
UnregisterClassW
GetMenuItemInfoW
GetSysColorBrush
SetParent
GetSystemMenu
DeleteMenu
IsZoomed
InflateRect
SendDlgItemMessageA
GetClipboardData
CloseClipboard
OpenClipboard
TranslateMessage
DispatchMessageW
GetDlgItem
GetKeyState
ReleaseCapture
GetCursorPos
GetSysColor
GetWindowLongW
WindowFromPoint
GetDesktopWindow
GetFocus
KillTimer
SetTimer
ScreenToClient
ClientToScreen
PostMessageW
PtInRect
GetParent
GetWindowRect
MessageBoxW
MessageBeep
GetClientRect
LoadAcceleratorsW
TranslateAcceleratorW
UpdateWindow
EnableWindow
SendMessageW
GetTopWindow
UnregisterClassA
gdi32
BitBlt
GetPixel
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetCurrentPositionEx
IntersectClipRect
CreatePatternBrush
CreateSolidBrush
GetWindowExtEx
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetCharWidthW
CreateFontW
StretchDIBits
GetTextMetricsW
GetTextExtentPoint32W
EnumFontFamiliesExW
GetNearestColor
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetTextAlign
GetTextFaceW
GetTextExtentPoint32A
GetWindowOrgEx
ExcludeClipRect
SetMapMode
SetStretchBltMode
SetROP2
SetPolyFillMode
GetViewportExtEx
CreateRectRgn
SelectClipRgn
DeleteObject
SetTextAlign
MoveToEx
LineTo
CreateFontIndirectW
SetBkMode
RestoreDC
SaveDC
GetStockObject
PatBlt
Rectangle
GetViewportOrgEx
CreatePen
DeleteDC
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
StartDocW
Ellipse
LPtoDP
DPtoLP
CreateEllipticRgn
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
CreateDCW
GetDeviceCaps
GetCurrentObject
CreateCompatibleDC
CreateCompatibleBitmap
GetObjectW
comdlg32
GetFileTitleW
GetSaveFileNameW
winspool.drv
GetJobW
ClosePrinter
DocumentPropertiesW
OpenPrinterW
advapi32
GetFileSecurityW
SetFileSecurityW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegOpenKeyW
RegSetValueW
RegCloseKey
RegOpenKeyExA
RegCreateKeyW
shell32
DragFinish
DragQueryFileW
SHGetFileInfoW
ExtractIconW
DragAcceptFiles
shlwapi
PathFindFileNameW
PathStripToRootW
PathFindExtensionW
PathIsUNCW
ole32
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CoCreateGuid
oleaut32
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
Sections
.text Size: 660KB - Virtual size: 656KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 136KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 20KB - Virtual size: 146KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10.6MB - Virtual size: 10.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ