binkw32[.]dll | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

binkw32.dll
Size

164KB
MD5

aefcee5d1319929889267a470d261edc
SHA1

5fbb6886b1a7647a65da8c926f1a0d921bb9ccc3
SHA256

6e40138bc8706fa6b9bb5afebe1c3cadba9dcd8784274acc5eb4d02baca319b4
SHA512

c697f5371d11009d25c2067f4affe72a9e29a41303b3926d97857a3b6a4c9363068f166e7c9124c37fcad8da7d1901c8c800914488a5f18bb77f863a835230c9
SSDEEP

3072:c9oybeJkvjvekIVtsrk7rzmCH9et90ndj8lfuwuyMxtLgP2nWuHfO+3hH7YvLP/k:c9oybeJqjvqt77rzmY8r0ndjHBgP2nWK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
binkw32.dll

Files

binkw32.dll
.dll windows:4 windows x86 arch:x86

869715df926e51eb88892a0d01b06219

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\devel\projects\bink\build\binkw32.pdb

Imports

user32

GetTopWindow
GetWindowLongA
GetActiveWindow
GetWindowThreadProcessId
GetWindow
UnregisterClassA
CreateWindowExA
EndPaint
PeekMessageA
ClientToScreen
ReleaseDC
DestroyWindow
SetCursor
DefWindowProcA
GetCursorPos
ScreenToClient
GetWindowRect
IsIconic
GetSystemMetrics
IsWindowVisible
GetClientRect
ChangeDisplaySettingsA
RegisterClassA
ShowCursor
GetDC
GetClassLongA
BeginPaint
MessageBoxA

gdi32

SetStretchBltMode
DeleteDC
CreateDIBSection
GetDeviceCaps
StretchBlt
GetDIBits
GetPixel
SetPixel
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap

kernel32

ResumeThread
ReleaseMutex
HeapFree
HeapAlloc
HeapCreate
DisableThreadLibraryCalls
CreateThread
GetCurrentProcess
TerminateProcess
CloseHandle
ReadFile
SetFilePointer
WaitForSingleObject
SetEvent
CreateEventA
SetThreadPriority
WaitForMultipleObjects
CreateMutexA
LocalAlloc
InterlockedExchange
GetLastError
GetModuleHandleA
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
SetErrorMode
FreeLibrary
RaiseException
Sleep
GetCurrentProcessId
OutputDebugStringA
QueryPerformanceFrequency
QueryPerformanceCounter
GetTickCount
CreateFileA

winmm

waveOutRestart
waveOutPause
waveOutWrite
waveOutClose
timeGetTime
timeEndPeriod
timeBeginPeriod
waveOutSetVolume
waveOutUnprepareHeader
waveOutOpen
waveOutPrepareHeader
waveOutReset

Exports

Exports

_BinkBufferBlit@12
_BinkBufferCheckWinPos@12
_BinkBufferClear@8
_BinkBufferClose@4
_BinkBufferGetDescription@4
_BinkBufferGetError@0
_BinkBufferLock@4
_BinkBufferOpen@16
_BinkBufferSetDirectDraw@8
_BinkBufferSetHWND@8
_BinkBufferSetOffset@12
_BinkBufferSetResolution@12
_BinkBufferSetScale@12
_BinkBufferUnlock@4
_BinkCheckCursor@20
_BinkClose@4
_BinkCloseTrack@4
_BinkControlBackgroundIO@8
_BinkControlPlatformFeatures@8
_BinkCopyToBuffer@28
_BinkCopyToBufferRect@44
_BinkDDSurfaceType@4
_BinkDX8SurfaceType@4
_BinkDX9SurfaceType@4
_BinkDoFrame@4
_BinkGetError@0
_BinkGetFrameBuffersInfo@8
_BinkGetKeyFrame@12
_BinkGetPalette@4
_BinkGetRealtime@12
_BinkGetRects@8
_BinkGetSummary@8
_BinkGetTrackData@8
_BinkGetTrackID@8
_BinkGetTrackMaxSize@8
_BinkGetTrackType@8
_BinkGoto@12
_BinkIsSoftwareCursor@8
_BinkLogoAddress@0
_BinkNextFrame@4
_BinkOpen@8
_BinkOpenDirectSound@4
_BinkOpenMiles@4
_BinkOpenTrack@8
_BinkOpenWaveOut@4
_BinkPause@8
_BinkRegisterFrameBuffers@8
_BinkRestoreCursor@4
_BinkService@4
_BinkSetError@4
_BinkSetFrameRate@8
_BinkSetIO@4
_BinkSetIOSize@4
_BinkSetMemory@8
_BinkSetMixBinVolumes@20
_BinkSetMixBins@16
_BinkSetPan@12
_BinkSetSimulate@4
_BinkSetSoundOnOff@8
_BinkSetSoundSystem@8
_BinkSetSoundTrack@8
_BinkSetVideoOnOff@8
_BinkSetVolume@12
_BinkShouldSkip@4
_BinkWait@4
_RADTimerRead@0

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKY12
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKY16
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINKP8
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK16
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BINK32
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BINKBSS
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

BINKDATA
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

869715df926e51eb88892a0d01b06219

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

user32

gdi32

kernel32

winmm

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

BINK Size: 88KB - Virtual size: 87KB

BINKY12 Size: 512B - Virtual size: 432B

BINKY16 Size: 2KB - Virtual size: 2KB

BINKP8 Size: 2KB - Virtual size: 2KB

BINK16 Size: 4KB - Virtual size: 4KB

BINK32 Size: 5KB - Virtual size: 4KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 512B - Virtual size: 4KB

BINKBSS Size: 20KB - Virtual size: 19KB

BINKDATA Size: 16KB - Virtual size: 16KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 4KB

BINK
Size: 88KB - Virtual size: 87KB

BINKY12
Size: 512B - Virtual size: 432B

BINKY16
Size: 2KB - Virtual size: 2KB

BINKP8
Size: 2KB - Virtual size: 2KB

BINK16
Size: 4KB - Virtual size: 4KB

BINK32
Size: 5KB - Virtual size: 4KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 4KB

BINKBSS
Size: 20KB - Virtual size: 19KB

BINKDATA
Size: 16KB - Virtual size: 16KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB