f4b40538056902aa7d6f206be518ffa7[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

f4b40538056902aa7d6f206be518ffa7.bin
Size

158KB
MD5

f4b40538056902aa7d6f206be518ffa7
SHA1

93188fc7755b282c8efa46fd428147d67567f76f
SHA256

bf56add609e397a7b147c59c7e70551996070321b8244a9c41b2cfff5ba62d28
SHA512

bdd6aac3cb255b39f931fbeb1c2e3ccd7c30d57b8be6cd8ee83bb9dc1ad55a767bce615d2171e7690350d25623a4899e0cf7f15e1cfb44d3a80f80ec4756f235
SSDEEP

3072:f9PcnxhiBoyRZxhoSXMJSZPk84KA51Q3acyAC2HZKXEr+VrewXsNuutJAu6y:f9PcnxqzDxho1SZk731RcTCgZZBvt36y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f4b40538056902aa7d6f206be518ffa7.bin

Files

f4b40538056902aa7d6f206be518ffa7.bin
.exe windows:6 windows x86 arch:x86

7b84262346ae10fcd5a6070d7504e7f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

UrlCombineA
UrlGetLocationA
PathMakePrettyW
SHQueryValueExW
PathIsURLA
StrToIntExA

kernel32

EnterCriticalSection
CreateFileW
HeapSize
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentThreadId
FindNextFileA
SearchPathA
WaitNamedPipeW
FormatMessageA
GetVolumePathNameA
SleepEx
HeapUnlock
LocalReAlloc
HeapAlloc
HeapFree
GetProcessHeap
GetModuleHandleW
GetProcAddress
LoadResource
LockResource
SizeofResource
FindResourceW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
ReadConsoleW
SetFilePointerEx
GetFileSizeEx
ReadFile
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CloseHandle
GetFileType
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetModuleHandleExW
ExitProcess
GetModuleFileNameW
WriteFile
GetStdHandle
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
GetLastError
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
WriteConsoleW
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead

mpr

WNetCancelConnection2W
WNetGetResourceInformationW
WNetConnectionDialog1W
WNetGetProviderNameW
WNetGetResourceParentA
WNetAddConnectionA
MultinetGetConnectionPerformanceA
WNetAddConnection2A
WNetEnumResourceW
WNetDisconnectDialog
WNetAddConnection3W
WNetUseConnectionA
WNetGetLastErrorW

winspool.drv

EnumPrintProcessorDatatypesA
GetPrinterDriverW
ScheduleJob
DeletePrintProvidorA
AddPrinterDriverA
GetJobW

resutils

ResUtilGetBinaryProperty
ResUtilEnumResources
ResUtilGetProperties
ResUtilGetPrivateProperties
ResUtilDupString

mswsock

EnumProtocolsA
GetAddressByNameA
WSARecvEx
GetAddressByNameW
s_perror
rresvport
GetNameByTypeA
GetServiceA
rcmd

setupapi

SetupDeleteErrorW
SetupScanFileQueueA
SetupDiSetDeviceInstallParamsA
SetupOpenInfFileA
SetupDiEnumDeviceInterfaces
SetupAddSectionToDiskSpaceListA
SetupInitDefaultQueueCallback

mscms

GetPS2ColorRenderingDictionary
EnumColorProfilesA
CheckBitmapBits
SetColorProfileElementReference
GenerateCopyFilePaths
GetColorProfileElementTag
GetColorDirectoryW

Sections

.text
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b84262346ae10fcd5a6070d7504e7f6

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

mpr

winspool.drv

resutils

mswsock

setupapi

mscms

Sections

.text Size: 101KB - Virtual size: 101KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 3KB - Virtual size: 7KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 101KB - Virtual size: 101KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 3KB - Virtual size: 7KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 6KB - Virtual size: 6KB