fb60a0bfce9da6b14f1d280476982d89[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

fb60a0bfce9da6b14f1d280476982d89.bin
Size

146KB
MD5

a58a2b27caf6f5e8ca7f74e221e1d7d0
SHA1

264c10cf41716cef787e5638ad12b4cd67fc0b6d
SHA256

46859a9b6d7664adead8ec4a0b1d0af6a567ddc97c78d207a3f6b1df7f3a8bf3
SHA512

d3aeb3b179fad43e48d7c74c1ee3108cf78fae2c68bbd89259a260265561af10c8d751afbdc718d5d358970529330a98e0edc1a5a02295054cb0f080ecc6bccc
SSDEEP

3072:hnmYEk+y3y/l9OAE/QfMS7EncKG4nDBEeSDMobRiAuGkWK8zxuC:hmY+/XOZIl4G4irbRBJbxT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ce9da47d1d49b52fb8864201ee2f284d04d5c76748128e429c852c44c1fa1437.dll

Files

fb60a0bfce9da6b14f1d280476982d89.bin
.zip

Password: infected
ce9da47d1d49b52fb8864201ee2f284d04d5c76748128e429c852c44c1fa1437.dll
.dll windows:6 windows x86

Password: infected

e1c0a4042c52ea8a187a21f64770ece1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetCurrentProcess
GetModuleHandleA
Sleep
IsWow64Process
SetEndOfFile
WriteConsoleW
HeapSize
CreateFileW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
RaiseException
GetCurrentThreadId
IsProcessorFeaturePresent
GetLastError
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
MultiByteToWideChar
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceComplete
InitOnceBeginInitialize
GetStringTypeW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
WideCharToMultiByte
CloseHandle
QueryPerformanceCounter
QueryPerformanceFrequency
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
RtlUnwind
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
ExitProcess
GetModuleFileNameW
GetFileSizeEx
SetFilePointerEx
GetStdHandle
GetFileType
HeapAlloc
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
ReadConsoleW
HeapReAlloc

user32

GetWindowTextW
GetForegroundWindow

ws2_32

recv
htons
send
WSAStartup
inet_pton
socket
connect

wininet

InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetOpenA

Exports

Exports

curl_easy_cleanup
curl_easy_init
curl_easy_perform
curl_easy_setopt

Sections

.text
Size: 197KB - Virtual size: 197KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

e1c0a4042c52ea8a187a21f64770ece1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ws2_32

wininet

Exports

Exports

Sections

.text Size: 197KB - Virtual size: 197KB

.rdata Size: 53KB - Virtual size: 53KB

.data Size: 10KB - Virtual size: 14KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 197KB - Virtual size: 197KB

.rdata
Size: 53KB - Virtual size: 53KB

.data
Size: 10KB - Virtual size: 14KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 10KB - Virtual size: 10KB