72ae4dad97d845c0b05f96d815e2fda4[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

72ae4dad97d845c0b05f96d815e2fda4.bin
Size

1.5MB
MD5

f68c1296f58c5dd90da5f2e1cd61c66c
SHA1

957dbfa0b5210d419c4e846ab6daa9da8ff602b3
SHA256

d21b1bd3593edf13a4fc8b910352a462b6f520d10a1bad3c9a9c679d70e9e5dd
SHA512

ff8f69bbc4d2ca5f887c7a5f07872460f06ab5b866446967f54d34403f9d8b7ca931e22cfb43c61c8485c572e889f7b00533653ecd0a6eb12439365d083952dc
SSDEEP

24576:FEV9OGBhXRUNFVcDScYHBGkQIa7kclRiRS9Cd+m2lR+i7T4KkcCNYj/z04CvFW62:RGBhBUN3c+7/QmjH+/L97T4NAgYP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5eef7a796512d97875116506862733e389c1d7cef5d3717246ba331a61b9a84b.exe

Files

72ae4dad97d845c0b05f96d815e2fda4.bin
.zip

Password: infected
5eef7a796512d97875116506862733e389c1d7cef5d3717246ba331a61b9a84b.exe
.exe windows:4 windows x86 arch:x86

Password: infected

486ca3f472de32dd22473d52f4331bd8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetDisconnectDialog
WNetConnectionDialog

comctl32

InitCommonControlsEx
ImageList_AddMasked
ImageList_Create
ImageList_Destroy
ImageList_Draw
ImageList_GetIcon
ImageList_GetIconSize
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetBkColor
CreateToolbarEx

kernel32

GetComputerNameW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCPInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceW
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoA
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemDefaultLangID
GetTempPathW
GetUserDefaultLangID
GetVersionExW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
HeapAlloc
HeapCreate
HeapFree
HeapReAlloc
HeapSize
GetCommandLineW
InterlockedIncrement
IsValidCodePage
LCMapStringA
LCMapStringW
LoadLibraryW
LocalFree
lstrcpyW
lstrlenW
MapViewOfFile
MoveFileExW
MoveFileW
MulDiv
MultiByteToWideChar
OpenProcess
QueryPerformanceCounter
RaiseException
ReadFile
ReleaseMutex
RemoveDirectoryW
SearchPathW
SetCurrentDirectoryW
SetEndOfFile
SetErrorMode
SetFileAttributesW
SetFilePointer
SetFileTime
SetHandleCount
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
UnhandledExceptionFilter
GetVersion
RtlUnwind
GetBinaryTypeW
GetACP
FreeLibrary
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FormatMessageW
FlushFileBuffers
FindNextFileW
FindFirstFileW
FindClose
ExpandEnvironmentStringsW
ExpandEnvironmentStringsA
ExitProcess
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessW
CreateMutexW
CreateFileW
CreateFileMappingW
CreateFileA
CreateDirectoryW
CopyFileW
CompareStringW
CompareStringA
CloseHandle
GetSystemTimeAsFileTime
GetCommandLineA
InitializeCriticalSection
EnterCriticalSection
GetTickCount
LeaveCriticalSection
LoadLibraryA
GetLocalTime
GetTimeZoneInformation
InterlockedDecrement

user32

GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InsertMenuItemW
InvalidateRect
IsIconic
IsMenu
IsWindow
IsWindowEnabled
IsWindowVisible
KillTimer
LoadBitmapW
LoadCursorW
LoadIconW
LoadImageW
MessageBeep
MessageBoxA
MessageBoxW
MoveWindow
OemToCharBuffW
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
RegisterClassExW
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageW
SetActiveWindow
SetCapture
SetClassLongW
SetClipboardData
SetCursor
SetDlgItemInt
SetFocus
SetForegroundWindow
SetMenuItemInfoW
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowsHookExW
SetWindowTextA
SetWindowTextW
ShowWindow
SystemParametersInfoW
TrackPopupMenuEx
GetTopWindow
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UpdateWindow
VkKeyScanW
WindowFromPoint
WinHelpW
GetMessageW
GetMessageTime
GetMenuItemInfoW
GetMenuItemCount
GetForegroundWindow
GetFocus
GetDlgItemInt
GetDlgItem
GetDesktopWindow
GetDC
GetCursorPos
GetClipboardData
GetClientRect
GetClassLongW
GetClassInfoExW
FrameRect
FindWindowW
FillRect
ExitWindowsEx
EndPaint
EndDialog
EnableWindow
EnableMenuItem
EmptyClipboard
GetActiveWindow
DefWindowProcW
BeginPaint
BringWindowToTop
DrawTextW
DrawStateW
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyAcceleratorTable
DeleteMenu
CreateWindowExW
CreatePopupMenu
CreateMenu
CreateAcceleratorTableW
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetScrollInfo
TranslateAcceleratorW
GetParent
CallNextHookEx
CallWindowProcW
CharLowerA
CharLowerW
CharUpperA
CharUpperW
CloseClipboard
CheckMenuRadioItem
CheckMenuItem
DialogBoxParamW

gdi32

Rectangle
SelectObject
SetBkColor
PatBlt
SetTextColor
MoveToEx
CreatePatternBrush
GetTextMetricsW
GetTextExtentPoint32W
GetStockObject
GetObjectW
GetDeviceCaps
CreateCompatibleDC
DeleteObject
DeleteDC
CreateSolidBrush
SetBkMode
CreatePen
CreateCompatibleBitmap
CreateBitmap
LineTo
BitBlt
CreateFontIndirectW

comdlg32

GetSaveFileNameW
ChooseFontW
GetOpenFileNameW

advapi32

RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegEnumValueW
RegDeleteValueW
RegDeleteValueA
RegCreateKeyExW
RegCloseKey
OpenProcessToken
LookupPrivilegeValueW
InitiateSystemShutdownW
AdjustTokenPrivileges
RegSetValueExW

shell32

ShellExecuteExW
DragQueryFileW
DragFinish
CommandLineToArgvW
ShellExecuteW

ole32

CoCreateInstance
OleInitialize
OleUninitialize
CoUninitialize
CoInitialize

Sections

.text
Size: 764KB - Virtual size: 761KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 704KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.scsi5
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

486ca3f472de32dd22473d52f4331bd8

Headers

File Characteristics

Imports

mpr

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

Sections

.text Size: 764KB - Virtual size: 761KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 12KB - Virtual size: 20KB

.rsrc Size: 704KB - Virtual size: 704KB

.scsi5 Size: 1.2MB - Virtual size: 1.2MB

.text
Size: 764KB - Virtual size: 761KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 12KB - Virtual size: 20KB

.rsrc
Size: 704KB - Virtual size: 704KB

.scsi5
Size: 1.2MB - Virtual size: 1.2MB