f5cea7d74d36624df4e136c6c74b30f0[.]bin

General

Target

f5cea7d74d36624df4e136c6c74b30f0.bin
Size

123KB
MD5

6943758eacd07ab416a9e8362c377330
SHA1

7bf423ca111dfd8c88630b955aab52453a153924
SHA256

be63608b2dd6ef065d3db20b272d8128368b2baafe3db0943447ac3ba4071bc9
SHA512

0d90b9a7a03b2caaada41e134d8def3e7b19514612b6993d962978083dcd55221da3bd3fe49a96133ef42d61ed55a0e29e567a00d14057ff83d885d1d0bd86e1
SSDEEP

3072:2k3ot2NcNj/9Wp+me2xQdCUpbfAiaTdvOI31iaT:331WJWp+sQ4UZ4iaTtjPT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/ffc39c3fdbe06c62d04f4853fd2f0dda2e745a2886776b2ee39418c53d764441.dll

Files

f5cea7d74d36624df4e136c6c74b30f0.bin
.zip

Password: infected
ffc39c3fdbe06c62d04f4853fd2f0dda2e745a2886776b2ee39418c53d764441.dll
.dll regsvr32 windows:4 windows x86 arch:x86

Password: infected

86ad46c7c89a3ab2eb81b8a37047ef2e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineW
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetModuleHandleA
GetProcessHeap
GetTickCount
GetUserDefaultLangID
IsValidCodePage
SetLastError
lstrlenW

user32

AnyPopup
GetDoubleClickTime
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetWindowTextLengthW
IsZoomed

Exports

Exports

DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 656B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

86ad46c7c89a3ab2eb81b8a37047ef2e

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.data Size: 83KB - Virtual size: 83KB

.rdata Size: 18KB - Virtual size: 17KB

.edata Size: 512B - Virtual size: 153B

.idata Size: 1024B - Virtual size: 656B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 80KB - Virtual size: 79KB

.data
Size: 83KB - Virtual size: 83KB

.rdata
Size: 18KB - Virtual size: 17KB

.edata
Size: 512B - Virtual size: 153B

.idata
Size: 1024B - Virtual size: 656B

.reloc
Size: 9KB - Virtual size: 9KB