3859aabec735477f07705e4bdb39ddfe[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

3859aabec735477f07705e4bdb39ddfe.bin
Size

1.2MB
MD5

2d1a8a5b1f9494f28fca6199d7df3cba
SHA1

339d738147bdf79c50d23afea799fa9f02fd94f1
SHA256

4b0d82d4ed6fd55b4471ee4ea5feeade6b6cb24b821238fc8a0692d12cac8131
SHA512

1a9f673eb345bd63fe2a989121ebc49b9984304412618bdaac3a697f3c2e7cd3745c9fbe0f832eb5e791069f880b1fe3d2122833229c254bae990f69629346c7
SSDEEP

24576:pB+y6dqxWdnkdEPYOKjQZNPKQCqgtsbz29hQ3dNvlctDm4Y:pEyrykdGeQVdgq/+h6NF4Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/d.exe

Files

3859aabec735477f07705e4bdb39ddfe.bin
.zip

Password: infected
40b6ceac066b778b4d67751217a71f4d57b73d247d09b8b8060bece86f2ea639.zip
.zip

Password: infected
d.exe
.exe windows:6 windows x86 arch:x86

Password: infected

90db7c74bad47ab56dd6dcbd1c46568e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LCMapStringW
GetStdHandle
GetFileType
SetStdHandle
QueryPerformanceFrequency
VirtualQuery
VirtualAlloc
GetSystemInfo
GetConsoleOutputCP
GetCommandLineW
GetCommandLineA
FreeLibraryAndExitThread
ExitThread
CreateThread
GetModuleHandleExW
ExitProcess
RtlUnwind
RaiseException
OutputDebugStringW
GetTimeZoneInformation
GetConsoleMode
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetStringTypeW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
SetFilePointerEx
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTempFileNameW
SearchPathW
GetTickCount64
GetTempPathW
GetProfileIntW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
GetFileTime
GetFileSizeEx
GetFileAttributesExW
GetFileAttributesW
FindResourceExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
GetCurrentDirectoryW
VirtualProtect
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
GlobalGetAtomNameW
lstrcpyW
GlobalFlags
SetErrorMode
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrcmpiW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
DeleteFileW
CreateFileW
GetUserDefaultLCID
CopyFileW
FormatMessageW
LocalFree
GlobalSize
IsDBCSLeadByte
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
SetThreadPriority
WideCharToMultiByte
MultiByteToWideChar
lstrcmpA
GetVersionExW
GetCurrentThread
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
lstrcmpW
GlobalDeleteAtom
LoadLibraryA
LoadLibraryExW
FreeLibrary
GetSystemDirectoryW
GetCurrentThreadId
EncodePointer
LoadLibraryW
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
SetLastError
OutputDebugStringA
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
ResetEvent
SetEvent
WaitForSingleObject
GlobalAlloc
ResumeThread
GlobalFree
GetModuleHandleA
MulDiv
GlobalUnlock
GlobalLock
CloseHandle
CreateEventW
FindResourceW
LoadResource
LockResource
SizeofResource
Sleep
VirtualAllocEx
LoadLibraryExA
HeapQueryInformation
WriteConsoleW

user32

GetMenuItemInfoW
LoadImageW
DestroyIcon
TrackMouseEvent
RealChildWindowFromPoint
GetDialogBaseUnits
CharUpperW
LoadMenuW
EnumChildWindows
LockWindowUpdate
RegisterClipboardFormatW
IsRectEmpty
IntersectRect
SetWindowRgn
DestroyMenu
CreateMenu
LoadCursorW
GetSystemMetrics
ReleaseCapture
SetCapture
ClientToScreen
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
SetParent
InflateRect
DrawEdge
GetWindowThreadProcessId
SetCursor
ShowOwnedPopups
GetCursorPos
TranslateMessage
GetMessageW
PostQuitMessage
IsDialogMessageW
SetWindowTextW
CheckDlgButton
MoveWindow
ShowWindow
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
SetWindowLongW
PtInRect
EqualRect
MapWindowPoints
ScreenToClient
MessageBoxW
AdjustWindowRectEx
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
ValidateRect
EndPaint
BeginPaint
SetForegroundWindow
GetForegroundWindow
UpdateWindow
TrackPopupMenu
GetMenuItemCount
SystemParametersInfoW
CopyImage
GetSysColorBrush
GetDCEx
EnableWindow
MessageBoxA
CloseWindow
FillRect
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
GetKeyState
GetFocus
SetFocus
GetDlgCtrlID
IsIconic
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetAsyncKeyState
MapDialogRect
DeleteMenu
SetTimer
KillTimer
GetTabbedTextExtentW
CreatePopupMenu
GetMenuDefaultItem
GetNextDlgGroupItem
WindowFromPoint
DrawFocusRect
DrawIconEx
GetIconInfo
MessageBeep
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
MapVirtualKeyW
GetKeyNameTextW
SetLayeredWindowAttributes
EnumDisplayMonitors
SetRect
GetDC
ReleaseDC
InvalidateRect
GetSysColor
CopyRect
UnregisterClassW
SendMessageW
IsWindow
DestroyWindow
CreateDialogIndirectParamW
EndDialog
GetDlgItem
GetNextDlgTabItem
GetActiveWindow
IsWindowEnabled
SetActiveWindow
GetWindowLongW
GetDesktopWindow
GetParent
SendDlgItemMessageA
GetClientRect
SetRectEmpty
OffsetRect
RegisterWindowMessageW
DispatchMessageW
PeekMessageW
GetMessagePos
GetMessageTime
PostMessageW
DefWindowProcW
CallWindowProcW
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
IsMenu
IsChild
DrawIcon
SetWindowPos
GetWindowPlacement
UnionRect
UpdateLayeredWindow
MonitorFromPoint
LoadAcceleratorsW
TranslateAcceleratorW
InsertMenuItemW
UnpackDDElParam
ReuseDDElParam
GetComboBoxInfo
PostThreadMessageW
WaitMessage
GetKeyboardLayout
IsCharLowerW
MapVirtualKeyExW
ToUnicodeEx
GetKeyboardState
CreateAcceleratorTableW
DestroyAcceleratorTable
CopyAcceleratorTableW
SetMenuDefaultItem
GetDoubleClickTime
ModifyMenuW
CharUpperBuffW
IsClipboardFormatAvailable
GetUpdateRect
DrawMenuBar
DefFrameProcW
DefMDIChildProcW
TranslateMDISysAccel
SubtractRect
GetWindowRgn
DestroyCursor
FrameRect
CopyIcon
SetCursorPos
BringWindowToTop
GetSystemMenu
IsZoomed
DrawFrameControl
SetClassLongW
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard

gdi32

CopyMetaFileW
CreateDCW
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
Escape
ExcludeClipRect
GetClipBox
GetCurrentPositionEx
GetObjectType
GetPixel
GetStockObject
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
LPtoDP
ScaleWindowExtEx
CombineRgn
GetViewportOrgEx
OffsetRgn
CreateRectRgnIndirect
CreateFontIndirectW
GetTextExtentPoint32W
GetTextMetricsW
GetTextAlign
PatBlt
SetRectRgn
DPtoLP
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
GetBkColor
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
CreateDIBSection
SetDIBColorTable
CreateEllipticRgn
Ellipse
GetTextColor
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
Rectangle
UnrealizeObject
GetRgnBox
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetTextFaceW
DeleteMetaFile
CloseMetaFile
CreateBitmap
GetObjectW
SetTextColor
SetBkColor
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
CreateSolidBrush
DeleteObject
DeleteDC
SelectObject
ScaleViewportExtEx
CreateMetaFileW
GetDeviceCaps

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegEnumKeyExW
RegEnumValueW
RegSetValueExW
RegDeleteValueW
RegSetValueW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetFileInfoW
ExtractIconW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHAppBarMessage
DragFinish
DragQueryFileW
SHBrowseForFolderW
ShellExecuteW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
StrFormatKBSizeW
PathRemoveFileSpecW

uxtheme

DrawThemeBackground
DrawThemeParentBackground
GetThemeColor
GetCurrentThemeName
GetWindowTheme
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetThemePartSize
CloseThemeData
DrawThemeText
OpenThemeData

ole32

OleLoadFromStream
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoInitializeEx
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleTranslateAccelerator
IsAccelerator
ReadClassStm
CoDisconnectObject
CreateDataAdviseHolder
OleCreateMenuDescriptor
CreateOleAdviseHolder
OleSaveToStream
ReleaseStgMedium
OleDuplicateData
ReadFmtUserTypeStg
CreateDataCache
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
StringFromCLSID
CoRevokeClassObject
CoRegisterClassObject
StringFromGUID2
CoCreateGuid
CoUninitialize
CreateStreamOnHGlobal
CoCreateInstance
OleDestroyMenuDescriptor

oleaut32

VarBstrFromDate
OleCreatePictureIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
VariantCopy
OleCreatePropertyFrame
SysStringByteLen
SysStringLen
LoadTypeLi
SysFreeString
SysAllocString
VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
OleLoadPicture
LoadRegTypeLi
OleTranslateColor

gdiplus

GdipBitmapLockBits
GdipDeleteGraphics
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipDrawImageI
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipBitmapUnlockBits
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateBitmapFromScan0
GdipGetImagePalette

oleacc

LresultFromObject
CreateStdAccessibleObject
AccessibleObjectFromWindow

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Exports

Exports

_ExportedFunction@0

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 334KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Password: infected

90db7c74bad47ab56dd6dcbd1c46568e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

shlwapi

uxtheme

ole32

oleaut32

gdiplus

oleacc

imm32

winmm

Exports

Exports

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 334KB - Virtual size: 334KB

.data Size: 24KB - Virtual size: 42KB

.rsrc Size: 59KB - Virtual size: 58KB

.reloc Size: 141KB - Virtual size: 140KB

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 334KB - Virtual size: 334KB

.data
Size: 24KB - Virtual size: 42KB

.rsrc
Size: 59KB - Virtual size: 58KB

.reloc
Size: 141KB - Virtual size: 140KB