R9Mj_iXL7N4fXntybtM615CHIwjDob_b1lA3FVeSwR8[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

R9Mj_iXL7N4fXntybtM615CHIwjDob_b1lA3FVeSwR8.bin
Size

2.6MB
MD5

240d2a26d3e54823a4c39f4b8f16cf92
SHA1

436e915e5a6287196fa345398c9b87263ce0dd11
SHA256

47d323fa25cbecde1f5e7b726ed33ad790872308c3a1bf9bd65037155792c11f
SHA512

dfde04b7bc42bdd4c98485a4c63b645692a5799b583e63ab77e6adde8f5fa82e4cd309cd6f936e9deb33e5c8b6031d328198ab3dc2e7d48d2347a89d47d0dac0
SSDEEP

49152:Eq3QscuJsVPCYc80pixEXY2QpvH8n6f9Giol08sVlHDGwxVW:E0nJsVPBcexz2QpvHqO9GioeHrI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
R9Mj_iXL7N4fXntybtM615CHIwjDob_b1lA3FVeSwR8.bin

Files

R9Mj_iXL7N4fXntybtM615CHIwjDob_b1lA3FVeSwR8.bin
.exe windows:6 windows x86

94dd02744fcb699e42c8cab9862521cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
LockResource
LoadResource
FindResourceW
GetProcAddress
GetModuleHandleW
SetLastError
GetLastError
GetTickCount
HeapFree
InitializeCriticalSectionAndSpinCount
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
WideCharToMultiByte
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
LocalFree
MulDiv
FormatMessageW
CopyFileW
MultiByteToWideChar
GetCurrentThread
GetCurrentThreadId
GetVersionExW
FreeLibrary
GetModuleFileNameW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpA
lstrcmpW
CompareStringA
FreeResource
OutputDebugStringA
GetModuleHandleA
LoadLibraryW
CloseHandle
SetEvent
WaitForSingleObject
CreateEventW
SetThreadPriority
ResumeThread
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
GlobalAddAtomW
GetCurrentProcessId
EncodePointer
GetSystemDirectoryW
LoadLibraryA
GlobalFindAtomW
EnterCriticalSection
LeaveCriticalSection
LocalAlloc
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
InitializeCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalGetAtomNameW
GetThreadLocale
GetCurrentDirectoryW
CompareStringW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GlobalFlags
DeleteFileW
CreateFileW
FindClose
FindFirstFileW
FlushFileBuffers
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
ReadFile
SetEndOfFile
SetFilePointer
UnlockFile
WriteFile
DuplicateHandle
GetCurrentProcess
lstrcmpiW
VirtualProtect
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFileTime
FindNextFileW
SetErrorMode
GetWindowsDirectoryW
lstrcpyW
FindResourceExW
VerSetConditionMask
VerifyVersionInfoW
GetTempFileNameW
GetTempPathW
GetProfileIntW
SearchPathW
Sleep
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
SetEnvironmentVariableA
OutputDebugStringW
RtlUnwind
GetCommandLineA
GetCommandLineW
GetSystemInfo
VirtualAlloc
VirtualQuery
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
HeapQueryInformation
SetStdHandle
GetFileType
QueryPerformanceFrequency
GetStdHandle
ExitProcess
GetACP
GetStringTypeW
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
ReadConsoleW
SetFilePointerEx
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryExA

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.giats
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

wefwekwe
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.deepak
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94dd02744fcb699e42c8cab9862521cf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

winspool.drv

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 332KB - Virtual size: 331KB

.data Size: 26KB - Virtual size: 51KB

.gfids Size: 107KB - Virtual size: 107KB

.giats Size: 512B - Virtual size: 16B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 295KB - Virtual size: 294KB

.reloc Size: 125KB - Virtual size: 125KB

wefwekwe Size: 213KB - Virtual size: 213KB

.deepak Size: 512B - Virtual size: 512B

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 332KB - Virtual size: 331KB

.data
Size: 26KB - Virtual size: 51KB

.gfids
Size: 107KB - Virtual size: 107KB

.giats
Size: 512B - Virtual size: 16B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 295KB - Virtual size: 294KB

.reloc
Size: 125KB - Virtual size: 125KB

wefwekwe
Size: 213KB - Virtual size: 213KB

.deepak
Size: 512B - Virtual size: 512B