fd379c5ed778ea1000da0b8c9458f7f8[.]bin

Resubmissions

20-02-2024 03:50

240220-edxl7sae31 10

10-02-2024 02:40

240210-c55e1sga4v 5

Sharing

Copy URL

Twitter E-mail

General

Target

fd379c5ed778ea1000da0b8c9458f7f8.bin
Size

733KB
MD5

0ee14e4fd154882e95e10e6b82e6e9a6
SHA1

4d768e35be677afd1a5d942e338eb13b363ec750
SHA256

0125d9745eb16ef6315ff260ba544d6e0cf35d217de279e17f3fdc7b4a8e7b1c
SHA512

9c7c51cfd40326df792ee570f026dd7d60ca69c7e656e408a4ace971cc1feeb68a2dca9d2bf2611ea674676aea14b8e637a68c460175d98bb817b59f30e47c9a
SSDEEP

12288:KxSL+qifQZ0e6/Pah4VbutjCJmK1o771ljHelQJRHm8ssw43mqxh8LeambhSU+5g:Ka220//Pah4Vb2KV1o7lb7SUmbeuU+5g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ca5fb5814ec62c8f04936740aabe2664b3c7d036203afbd8425cd67cf1f4b79d.exe

Files

fd379c5ed778ea1000da0b8c9458f7f8.bin
.zip

Password: infected
ca5fb5814ec62c8f04936740aabe2664b3c7d036203afbd8425cd67cf1f4b79d.exe
.exe windows:6 windows x86 arch:x86

Password: infected

639b8ce85c0ddfcaca9633440db01cad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\cpp\Notepad3\Bin\Release_x86_v143\grepWinNP3.pdb

Imports

shlwapi

PathRelativePathToW
SHGetValueW
AssocQueryStringW
StrFormatByteSizeW
PathCompactPathExW
SHAutoComplete
PathRemoveFileSpecW
PathAppendW
SHDeleteKeyW
PathIsRootW
PathCanonicalizeW
PathIsRelativeW
PathIsURLW
PathIsDirectoryW
PathFileExistsW
SHSetValueW
StrCmpLogicalW

uxtheme

CloseThemeData
GetThemeInt
GetThemeBackgroundContentRect
SetWindowTheme
OpenThemeData
GetThemeColor
BeginBufferedPaint
BufferedPaintSetAlpha
EndBufferedPaint
DrawThemeBackground

kernel32

lstrlenW
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetCurrentThreadId
GetFullPathNameW
GetLongPathNameW
GetShortPathNameW
GetModuleFileNameW
CreateFileW
CloseHandle
CreateDirectoryW
GetCurrentDirectoryW
Sleep
SetCurrentDirectoryW
FormatMessageW
GetTickCount64
GetWindowsDirectoryW
GetCurrentProcess
GetFileTime
WriteFile
SetFileTime
GetFileSizeEx
GlobalMemoryStatusEx
ReadFile
WideCharToMultiByte
GetFileSize
FlushFileBuffers
SetFilePointer
SetEndOfFile
GetCommandLineW
SetDllDirectoryW
CreateMutexW
GetSystemDirectoryW
SystemTimeToFileTime
SetErrorMode
GetUserDefaultLCID
GetStringTypeExW
LoadLibraryA
LCMapStringW
ExpandEnvironmentStringsW
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
GetStringTypeExA
LCMapStringA
GetSystemTime
FileTimeToSystemTime
CreateThread
CreateProcessW
GetFileInformationByHandle
CompareFileTime
CopyFileW
GetFileAttributesW
SetFileAttributesW
MoveFileExA
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
GetDateFormatW
GetTimeFormatW
CreateFileA
CreateFileMappingW
MapViewOfFile
GlobalAddAtomW
GlobalUnlock
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
CompareStringW
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
SetFilePointerEx
GetFileType
HeapAlloc
HeapFree
GetStdHandle
ExitProcess
SetEnvironmentVariableW
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RtlUnwind
CreateFileMappingA
GetModuleHandleA
MapViewOfFileEx
TerminateProcess
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetSystemTimeAsFileTime
LCMapStringEx
DecodePointer
EncodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
RaiseException
IsProcessorFeaturePresent
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
GetNativeSystemInfo
InitOnceBeginInitialize
InitOnceComplete
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetStringTypeW
FormatMessageA
lstrcpyW
GlobalFree
GlobalLock
GlobalAlloc
FindNextFileW
FindClose
FindFirstFileW
FindFirstFileExW
lstrcpynW
GetModuleHandleW
MulDiv
GetLastError
GetProcAddress
FreeLibrary
LoadLibraryW
SetLastError
VerifyVersionInfoW
VerSetConditionMask
LocalFree
LocalAlloc
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
SetStdHandle
HeapSize
WriteConsoleW
DeleteAtom
UnmapViewOfFile

user32

GetSysColor
PostMessageW
CheckDlgButton
GetKeyState
RedrawWindow
CreatePopupMenu
CheckMenuItem
LoadIconA
CreateWindowExA
CheckRadioButton
SendDlgItemMessageW
AppendMenuW
DestroyMenu
SetCursor
GetClassNameW
InvalidateRgn
BeginPaint
GetClientRect
GetWindowLongW
SendMessageW
GetWindowTextLengthW
GetWindowTextW
EndPaint
DrawTextW
InflateRect
GetWindowRect
GetCursorPos
GetDCEx
LoadStringA
SetTimer
PtInRect
GetFocus
GetSystemMetrics
IntersectRect
MapWindowPoints
GetParent
GetDC
ReleaseDC
ScreenToClient
SystemParametersInfoW
DialogBoxParamW
CreateDialogParamW
EnableWindow
ShowWindow
BringWindowToTop
SetForegroundWindow
LoadAcceleratorsW
GetMessageW
TranslateAcceleratorW
IsDialogMessageW
TranslateMessage
DispatchMessageW
PostQuitMessage
DestroyWindow
EndDialog
SetFocus
KillTimer
IsDlgButtonChecked
EnumWindows
RegisterWindowMessageW
TrackPopupMenu
GetSubMenu
LoadMenuW
ClientToScreen
CreateDialogIndirectParamW
GetWindowPlacement
GetDesktopWindow
CopyRect
LoadStringW
SetDlgItemTextW
DrawIconEx
GetSysColorBrush
SetClipboardData
EmptyClipboard
OpenClipboard
CloseClipboard
EnumDisplayMonitors
GetMonitorInfoW
SetWindowTextW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemCount
GetSystemMenu
EnumThreadWindows
EnumChildWindows
CloseWindow
LoadCursorW
InsertMenuW
SetCapture
ReleaseCapture
DrawFocusRect
RemovePropW
GetPropW
SetPropW
RegisterClipboardFormatW
IsZoomed
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
InvalidateRect
SetWindowRgn
CallWindowProcW
SetWindowPlacement
MoveWindow
GetWindowDC
SetLayeredWindowAttributes
MessageBoxW
SetCursorPos
GetDlgItemTextW
DefDlgProcW
CreateWindowExW
SetWindowLongW
GetDlgItem
LoadImageW
SetWindowPos
OffsetRect

gdi32

CombineRgn
SetRectRgn
CreateRectRgnIndirect
CreateRectRgn
SetBkMode
CreateFontIndirectW
GetObjectW
ExtTextOutW
SetBkColor
GetDeviceCaps
SetTextColor
EnumFontsW
CreateSolidBrush
SelectObject
DeleteObject
PatBlt

comdlg32

GetOpenFileNameW

advapi32

RegCloseKey
RegOpenKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegDeleteValueW
CryptAcquireContextW
RegOpenKeyExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash

shell32

DragQueryFileW
ord701
SHGetDesktopFolder
SHGetFolderPathW
SHGetFileInfoW
CommandLineToArgvW
ShellExecuteW
ShellExecuteExW
SHGetKnownFolderPath
SHCreateItemFromParsingName

ole32

CoCreateInstance
ReleaseStgMedium
OleDuplicateData
DoDragDrop
CoUninitialize
OleInitialize
OleUninitialize
RegisterDragDrop
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx

gdiplus

GdipDeleteGraphics
GdipCreateFromHDC
GdipAddPathArcI
GdipClosePathFigure
GdipStartPathFigure
GdipResetPath
GdipDeletePath
GdipCreatePath
GdipSetPenDashStyle
GdipDeletePen
GdipCreatePen1
GdipDrawRectangleI
GdipAlloc
GdipFree
GdiplusShutdown
GdiplusStartup
GdipDrawPath

comctl32

ord412
ord410
ord413
InitCommonControlsEx
ord381
ImageList_GetImageCount
ImageList_GetImageInfo

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

Sections

.text
Size: 991KB - Virtual size: 991KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 174KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

639b8ce85c0ddfcaca9633440db01cad

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

uxtheme

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

gdiplus

comctl32

version

Sections

.text Size: 991KB - Virtual size: 991KB

.rdata Size: 115KB - Virtual size: 115KB

.data Size: 15KB - Virtual size: 23KB

.rsrc Size: 174KB - Virtual size: 174KB

.reloc Size: 31KB - Virtual size: 31KB

.text
Size: 991KB - Virtual size: 991KB

.rdata
Size: 115KB - Virtual size: 115KB

.data
Size: 15KB - Virtual size: 23KB

.rsrc
Size: 174KB - Virtual size: 174KB

.reloc
Size: 31KB - Virtual size: 31KB