dfa94e30f9d02ebace754dfbae58a995c0ece3031753eae2dc8291881a2fe107[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

dfa94e30f9d02ebace754dfbae58a995c0ece3031753eae2dc8291881a2fe107.bin
Size

379KB
MD5

c35efd300f10b4da909ca6dcd660c348
SHA1

9df61e3e5cc233ebcf411f05707cc955c51b949a
SHA256

dfa94e30f9d02ebace754dfbae58a995c0ece3031753eae2dc8291881a2fe107
SHA512

fb461b027edf9c3fc8fa367f40dc5279aed2a2c26582cd08a0f293efa8655d2703560d71832b91afffa3d211594c7cf7a707c88e3b90670bc08d000699ccfd7d
SSDEEP

6144:XuVn3UIGRdrL8Sdwi5lUy0IEpz2nld6pwRZZOzIcU8dC4Qs831oxAzEP:+Vn34Rtg07Zyj0Zlu6FEP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfa94e30f9d02ebace754dfbae58a995c0ece3031753eae2dc8291881a2fe107.bin

Files

dfa94e30f9d02ebace754dfbae58a995c0ece3031753eae2dc8291881a2fe107.bin
.exe windows:4 windows x64 arch:x64

73a50a62f7fa067b0b2eecb5ef131c89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
CM_Get_Parent

kernel32

lstrlenA
SetErrorMode
GetStartupInfoW
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlUnwindEx
ExitProcess
RaiseException
RtlPcToFileHeader
HeapReAlloc
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
GetDateFormatA
GetTimeFormatA
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetCurrentProcess
SetEndOfFile
FlushFileBuffers
SetFilePointer
GetThreadLocale
TlsFree
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
FormatMessageW
LocalFree
MulDiv
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
GetCurrentProcessId
GlobalAddAtomW
GlobalUnlock
GlobalFree
FreeResource
lstrlenW
WritePrivateProfileStringW
GlobalDeleteAtom
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
LoadLibraryW
WideCharToMultiByte
CompareStringA
MultiByteToWideChar
GlobalLock
lstrcmpW
GlobalAlloc
FreeLibrary
GetModuleHandleW
GetProcAddress
OutputDebugStringW
GetCurrentThreadId
WriteFile
ReadFile
SizeofResource
LoadResource
LockResource
FindResourceW
SetLastError
GetTickCount
WaitForSingleObject
SetEvent
CreateEventW
DeviceIoControl
GetDriveTypeW
GetVolumeNameForVolumeMountPointW
CreateFileW
GetModuleFileNameW
GetVersionExW
HeapFree
GetProcessHeap
HeapAlloc
Sleep
GetPrivateProfileStringW
GetPrivateProfileIntW
GetLastError
CreateMutexW
CloseHandle
FlsGetValue

user32

LoadCursorW
GetSysColorBrush
EndPaint
BeginPaint
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ShowWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageA
SendDlgItemMessageW
WinHelpW
GetCapture
GetClassNameW
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextW
GetForegroundWindow
GetTopWindow
GetWindowLongPtrW
SetWindowLongPtrW
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetSubMenu
GetMenuItemID
GetMenuItemCount
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
GetWindow
GetWindowThreadProcessId
GetLastActivePopup
SetCursor
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
GetDesktopWindow
GetActiveWindow
UnregisterClassW
DestroyMenu
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
IsWindow
GetWindowLongW
GetDlgItem
IsWindowEnabled
GetNextDlgTabItem
EndDialog
PostMessageW
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
MessageBoxW
ReplyMessage
DrawIcon
UnregisterDeviceNotification
GetClientRect
GetSystemMetrics
SendMessageW
LoadIconW
EnableWindow
IsIconic
RegisterDeviceNotificationW
KillTimer
SetTimer
GetMenu
UnregisterClassA

gdi32

DeleteDC
GetStockObject
ExtTextOutW
TextOutW
RectVisible
PtVisible
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
Escape

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegDeleteKeyW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegCreateKeyExW
RegQueryValueExW
RegEnumValueW
RegOpenKeyExW
RegSetValueExW
RegDeleteValueW
RegCloseKey

shell32

SHChangeNotify

comctl32

InitCommonControlsEx

shlwapi

PathFindExtensionW
PathFindFileNameW
SHDeleteKeyW
PathRemoveFileSpecW

oleaut32

VariantClear
VariantChangeType
VariantInit

Sections

.text
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zero
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73a50a62f7fa067b0b2eecb5ef131c89

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

Sections

.text Size: 230KB - Virtual size: 230KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 11KB - Virtual size: 34KB

.pdata Size: 15KB - Virtual size: 15KB

.rsrc Size: 37KB - Virtual size: 37KB

.zero Size: 8KB - Virtual size: 4KB

.text
Size: 230KB - Virtual size: 230KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 11KB - Virtual size: 34KB

.pdata
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 37KB - Virtual size: 37KB

.zero
Size: 8KB - Virtual size: 4KB