ac2c81ca8a702fbc88c6107d517261c4

Sharing

Copy URL Twitter E-mail

General

Target

ac2c81ca8a702fbc88c6107d517261c4
Size

692KB
MD5

ac2c81ca8a702fbc88c6107d517261c4
SHA1

a30c32bb174dbbf0ed242cc74fd1de4707d51ec8
SHA256

e9016fd58c18599682c1d35aba2a99a1152c97731ed3b0d00278d13018b8a606
SHA512

37a8fdc0c106f998af80b291f237ae6860bae13e999cf249ffc50d4adc412bec4683f92cb49c419ac2872f269b0cd95b375e6cfbf84b27df364268cb64f89c4e
SSDEEP

12288:3ZLDst3U7s/a5agLg/a+FLojGBAqeDteguKhFHQRoUdGvwNR/hizR111D6VaeP6F:p/+Gs/aoza+FkOATFhMoUlNR8lMVtE

Score

3^/10

pdf link

Malware Config

Signatures

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/SignSiS.exe
unpack002/sign.exe

Files

ac2c81ca8a702fbc88c6107d517261c4
.rar
BiNPDA.nfo
BiNSign.zip
.zip
BiN.key
SignSiS.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
sign.exe
.exe windows:4 windows x86 arch:x86

d658743a5c8b4cccdba9d354aba06179

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DuplicateHandle
GetCurrentProcess
GetLastError
DeleteFileA
WideCharToMultiByte
MultiByteToWideChar
GetCurrentDirectoryW
GetFullPathNameW
GetCommandLineA
GetVersion
ExitProcess
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
ReadFile
TerminateProcess
SetFilePointer
WriteFile
HeapSize
GetProcAddress
CloseHandle
FlushFileBuffers
SetHandleCount
GetSystemTime
GetLocalTime
GetStartupInfoA
SetStdHandle
LCMapStringA
LCMapStringW
GetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetTimeZoneInformation
RtlUnwind
IsBadReadPtr
IsBadCodePtr
CreateFileA
GetStringTypeA
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
SetConsoleCtrlHandler
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
RaiseException
GetFileType
GetStdHandle
HeapAlloc
GetCurrentThreadId
GetCurrentProcessId
GlobalMemoryStatus
FreeLibrary
GetVersionExA
GetTickCount
QueryPerformanceCounter
FlushConsoleInputBuffer
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
FindFirstFileA
FindNextFileA
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoW
HeapReAlloc
HeapFree
GetFileAttributesW
GetModuleHandleA
GetEnvironmentStringsW
GetEnvironmentStrings
GetStringTypeW
SetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
GetConsoleMode
WriteConsoleA

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

gdi32

CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
GetDeviceCaps
CreateCompatibleDC
CreateDCA
DeleteDC

Exports

Exports

??0TCheckedUid@@QAE@ABVTUidType@@@Z
??0TCheckedUid@@QAE@XZ
??0TUidType@@QAE@VTUid@@00@Z
??0TUidType@@QAE@VTUid@@0@Z
??0TUidType@@QAE@VTUid@@@Z
??0TUidType@@QAE@XZ
??0TVersion@@QAE@HHH@Z
??0TVersion@@QAE@XZ
??8TUid@@QBEHABV0@@Z
??8TUidType@@QBEHABV0@@Z
??9TUid@@QBEHABV0@@Z
??9TUidType@@QBEHABV0@@Z
??ATUidType@@QBEABVTUid@@H@Z
?Check@TCheckedUid@@IBEIXZ
?Invariant@User@@SAXXZ
?IsLeapYear@Time@@SAHH@Z
?IsPresent@TUidType@@QBEHVTUid@@@Z
?IsValid@TUidType@@QBEHXZ
?LeapYearsUpTo@Time@@SAHH@Z
?MostDerived@TUidType@@QBE?AVTUid@@XZ
?Set@TCheckedUid@@QAEXABVTUidType@@@Z

Sections

.text
Size: 908KB - Virtual size: 905KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
WebGate.Advanced.Device.Locks.v1.04.58.S60v3.SymbianOS9.1.Unsigned.Cracked-BiNPDA.sis
Webgate.Advanced.Device.Locks.v1.04.User.Manual.pdf.pdf
.pdf
- http://www.webgate.bg/products/adl/trial/
ipmart-forum.com.nfo

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 36KB - Virtual size: 33KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 4KB - Virtual size: 12B

d658743a5c8b4cccdba9d354aba06179

Headers

File Characteristics

Imports

kernel32

version

gdi32

Exports

Exports

Sections

.text Size: 908KB - Virtual size: 905KB

.rdata Size: 180KB - Virtual size: 179KB

.data Size: 76KB - Virtual size: 89KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 33KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 4KB - Virtual size: 12B

.text
Size: 908KB - Virtual size: 905KB

.rdata
Size: 180KB - Virtual size: 179KB

.data
Size: 76KB - Virtual size: 89KB

.rsrc
Size: 4KB - Virtual size: 1KB