f36bdfd727f29ec71964ac7a67d8fc18[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

f36bdfd727f29ec71964ac7a67d8fc18.bin
Size

57.6MB
MD5

39aac8e7f20457036420c0427f2b309d
SHA1

40c98aa1bdbcb1d0933fe51c4c06fee87b8adfbb
SHA256

650d84e26a7d1e77d71aa485888ec31359b54fa4164cdfb1aacdd803cd2652f4
SHA512

3e0fc40a0b59dd996f309fb7936826e32fe53f024ba3093bfcebd458a79e516652a382b68b69200861ad724e26609cc4ff198f9461a9ffb93a3e84b4836223be
SSDEEP

786432:rICVAl1+Mvv/GjVXChdTgZXQLONzY5AB6EFf0iiWOG/d8bk0+DoFpDWKp13:rtVAl17vv/SVXCfwXtbUEFMi/Kk6pV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/05c96dbbc1f5d6d5fb6ec17e25a05b8a6bd5abb205a443232cb81c3d645dbf7d.exe

Files

f36bdfd727f29ec71964ac7a67d8fc18.bin
.zip

Password: infected
05c96dbbc1f5d6d5fb6ec17e25a05b8a6bd5abb205a443232cb81c3d645dbf7d.exe
.exe windows:5 windows x86 arch:x86

Password: infected

043d139d3bff7d751031846083ad1c61

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalSize
PulseEvent
FindCloseChangeNotification
OpenEventA
FindFirstChangeNotificationA
ResetEvent
FindNextChangeNotification
WaitForMultipleObjectsEx
CreateThread
CreateEventA
GlobalReAlloc
lstrcpyA
SetThreadPriority
GetProcessHeap
RtlUnwind
GetCommandLineA
GetStartupInfoA
LocalFileTimeToFileTime
MoveFileA
DeleteFileA
RemoveDirectoryA
FlushFileBuffers
GetSystemTimeAsFileTime
SetFileTime
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
GetFullPathNameA
SetEnvironmentVariableA
GetTimeZoneInformation
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetStdHandle
ExitProcess
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
DeleteCriticalSection
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapSize
SetStdHandle
EnterCriticalSection
LeaveCriticalSection
PeekNamedPipe
GetConsoleCP
GetConsoleMode
VirtualAlloc
LCMapStringA
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
SetEndOfFile
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
CreateDirectoryA
DosDateTimeToFileTime
UnmapViewOfFile
SystemTimeToFileTime
WriteFile
CreateFileMappingA
MapViewOfFile
GetFileType
GetFileSize
SetFilePointer
ReadFile
GetDateFormatA
lstrlenA
LocalAlloc
InterlockedIncrement
GetProfileStringA
GetVolumeInformationA
MulDiv
GlobalAlloc
InterlockedDecrement
TerminateProcess
GetSystemDirectoryA
SetLastError
OpenProcess
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFileInformationByHandle
FileTimeToDosDateTime
GlobalFree
FatalExit
GetCurrentThreadId
GlobalLock
GlobalUnlock
GetVersion
GetModuleFileNameA
WinExec
GetLocaleInfoA
GetVersionExA
LoadLibraryA
FreeLibrary
GetComputerNameA
FindNextFileA
CopyFileA
GetFileAttributesA
SetFileAttributesA
FindFirstFileA
FindClose
GetTempPathA
GetLongPathNameA
GetModuleHandleA
GetProcAddress
GetDiskFreeSpaceA
GetLogicalDrives
GetDriveTypeA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameA
CreateFileA
CloseHandle
HeapReAlloc
HeapFree
HeapCreate
HeapAlloc
ExpandEnvironmentStringsA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
FormatMessageA
GetLocalTime
Sleep
UnhandledExceptionFilter
GetTickCount

user32

DrawTextA
SendInput
GetKeyboardState
VkKeyScanA
GetSysColorBrush
GetCursorPos
ValidateRect
WindowFromPoint
SetMenuItemInfoA
RegisterClipboardFormatA
GetMessageTime
RemovePropA
GetPropA
FindWindowExA
SetPropA
LockWindowUpdate
DrawMenuBar
DestroyMenu
CreateMenu
EnableMenuItem
GetMenuState
SetMenu
SetMenuInfo
IsClipboardFormatAvailable
CallWindowProcA
SetRect
GetScrollInfo
IntersectRect
IsRectEmpty
PtInRect
InvertRect
IsIconic
GetForegroundWindow
AttachThreadInput
BringWindowToTop
SetForegroundWindow
wsprintfA
RegisterClassA
GetSystemMenu
CreatePopupMenu
InsertMenuA
AppendMenuA
RegisterWindowMessageA
DefWindowProcA
SystemParametersInfoA
GetWindowDC
IsChild
CheckMenuItem
AdjustWindowRectEx
IsZoomed
GetMenu
AdjustWindowRect
WaitMessage
ScreenToClient
IsWindowEnabled
IsWindowVisible
EnumWindows
GetWindow
GetWindowThreadProcessId
FindWindowA
CreateDialogParamA
KillTimer
SetWindowsHookExA
GetAsyncKeyState
DialogBoxParamA
MessageBeep
LoadIconA
CallNextHookEx
UnhookWindowsHookEx
RedrawWindow
EndDialog
GetSystemMetrics
DestroyWindow
CreateWindowExA
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
DrawIcon
BeginPaint
EndPaint
ClientToScreen
GetSysColor
CopyImage
DrawTextExA
LoadBitmapA
GetMessageA
IsDialogMessageA
GetFocus
GetParent
IsWindow
MsgWaitForMultipleObjects
GetActiveWindow
GetKeyState
WinHelpA
SetWindowTextA
EnableWindow
PeekMessageA
TranslateMessage
DispatchMessageA
GetDC
ReleaseDC
MessageBoxA
GetClientRect
PostMessageA
SendMessageA
InvalidateRect
ShowWindow
UnregisterClassA
GetDesktopWindow
SetWindowPos
GetWindowRect
MoveWindow
GetWindowTextLengthA
GetWindowTextA
GetWindowLongA
SetWindowLongA
UpdateWindow
ReleaseCapture
SetCursor
SetCapture
LoadCursorA
SetFocus
PostQuitMessage
LoadImageA
SetCursorPos
GetMessagePos
DrawFocusRect
OffsetRect
SetScrollPos
ScrollWindow
ChildWindowFromPoint
SetScrollInfo
ShowScrollBar
GetCapture
TrackPopupMenu
DrawIconEx
DestroyIcon
AnimateWindow
GetDlgItem
DeleteMenu
SetTimer

gdi32

GetStockObject
CreatePen
DeleteObject
CreateSolidBrush
GetObjectA
CreateFontIndirectA
CreateICA
CreateHatchBrush
CreatePatternBrush
DeleteDC
TextOutA
SelectObject
SetTextJustification
BitBlt
StretchBlt
CreateCompatibleDC
CreateBitmap
GetPixel
PatBlt
GetNearestColor
CreateDCA
SelectPalette
CreatePalette
GetPaletteEntries
CreateCompatibleBitmap
Rectangle
RoundRect
Ellipse
GetEnhMetaFileBits
DeleteEnhMetaFile
CopyEnhMetaFileA
PlayEnhMetaFile
GetEnhMetaFileHeader
SetTextCharacterExtra
CreateEnhMetaFileA
SetPixel
SetEnhMetaFileBits
GetEnhMetaFileA
SetWinMetaFileBits
GetMetaFileBitsEx
CombineRgn
CreateRectRgn
CreateFontA
PtInRegion
CreatePolygonRgn
ExcludeClipRect
ExtTextOutA
SetTextAlign
Polygon
SelectClipRgn
SetRectRgn
CreateRectRgnIndirect
RealizePalette
SetDIBitsToDevice
EndPage
EndDoc
StartDocA
StartPage
GetDIBits
StretchDIBits
IntersectClipRect
GetClipRgn
RestoreDC
SaveDC
SetROP2
GetClipBox
Polyline
PolyPolygon
PolyPolyline
EnumFontFamiliesExA
SetMapMode
CloseMetaFile
DeleteMetaFile
CopyMetaFileA
PlayMetaFile
CreateMetaFileA
SetMetaFileBitsEx
GetMetaFileA
SetBkMode
SetBkColor
SetTextColor
GetDeviceCaps
GetTextMetricsA
Pie
Arc
MoveToEx
CloseEnhMetaFile
GetTextExtentPoint32A
LineTo

shell32

ExtractIconExA
DragQueryFileA
DragFinish
DragAcceptFiles
SHChangeNotify
FindExecutableA
SHGetDesktopFolder
ShellExecuteExA
ShellExecuteA
SHFileOperationA
SHGetMalloc
SHBrowseForFolderA
SHGetPathFromIDListA
ExtractIconA
SHGetFolderPathA

comctl32

_TrackMouseEvent

winmm

timeGetTime

oledlg

ord3

msimg32

GradientFill

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

winspool.drv

ClosePrinter
OpenPrinterA
EnumPrintersA
DocumentPropertiesA

comdlg32

CommDlgExtendedError
GetOpenFileNameA
GetSaveFileNameA
ChooseFontA
ChooseColorA
PrintDlgA
FindTextA
ReplaceTextA

advapi32

RegCreateKeyExA
RegCloseKey
GetUserNameA
RegQueryValueExA
RegSetValueExA
RegDeleteKeyA
RegOpenKeyExA

ole32

CoTaskMemFree
RevokeDragDrop
RegisterDragDrop
ReleaseStgMedium
OleCreate
CoGetClassObject
OleRun
OleInitialize
CoCreateInstance
CreateStreamOnHGlobal
OleSave
CoUninitialize
OleUninitialize
OleBuildVersion
CoInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgCreateDocfile
DoDragDrop
CLSIDFromProgID

oleaut32

VariantChangeType
SysAllocString
VariantClear
SysFreeString
VariantInit
VariantCopy
SafeArrayPutElement
SafeArrayCreate
SysAllocStringByteLen
SysStringByteLen
SysStringLen
SafeArrayUnaccessData
SafeArrayAccessData
GetErrorInfo

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

043d139d3bff7d751031846083ad1c61

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comctl32

winmm

oledlg

msimg32

version

winspool.drv

comdlg32

advapi32

ole32

oleaut32

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 242KB - Virtual size: 241KB

.data Size: 26KB - Virtual size: 164KB

.rsrc Size: 1.7MB - Virtual size: 1.7MB

.reloc Size: 71KB - Virtual size: 70KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 242KB - Virtual size: 241KB

.data
Size: 26KB - Virtual size: 164KB

.rsrc
Size: 1.7MB - Virtual size: 1.7MB

.reloc
Size: 71KB - Virtual size: 70KB