b455b12c65ef2a22426a8c05da8ed188[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

b455b12c65ef2a22426a8c05da8ed188.bin
Size

1.8MB
MD5

b455b12c65ef2a22426a8c05da8ed188
SHA1

6bd59a7f77c745cb7628841c6a1455994b788a0d
SHA256

c34da8858db6d1d81d5a360cf1ec0dbaa5a19565772c58da1cc994437e007585
SHA512

fe698c4c2a72e53be878ec259d34fb33c85feec26604d2af2371d69137eeac0de16293b3fc2390d435445156cf3a56fcf73e0ed70ebe3f4e2c0566f4d4e0e4b2
SSDEEP

24576:mnXGkOzgiXgMKAsxauKeuIHDc9gWxTTGg:0WPgiXgwsxauK/9X3Gg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b455b12c65ef2a22426a8c05da8ed188.bin

Files

b455b12c65ef2a22426a8c05da8ed188.bin
.exe windows:4 windows x86 arch:x86

302c61d4a25e222ca4c3079310d682a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\DailyBuild\sources\Nero7_OCTANE_RELEASE\Installers\NeroInstaller\redist\x86\SetupX.pdb

Imports

kernel32

TlsFree
GlobalFlags
InterlockedIncrement
GetCPInfo
GetOEMCP
SetErrorMode
GetTickCount
HeapFree
HeapAlloc
VirtualAlloc
GetSystemInfo
VirtualQuery
GetStartupInfoA
ExitProcess
RtlUnwind
HeapReAlloc
GetTimeFormatA
GetDateFormatA
GetSystemTimeAsFileTime
TerminateProcess
SetStdHandle
GetFileType
LocalReAlloc
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
QueryPerformanceCounter
GetCurrentProcessId
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadCodePtr
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
SetEnvironmentVariableA
GetLocaleInfoW
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
GetFullPathNameA
GetVolumeInformationA
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
LocalAlloc
GetFileSize
FileTimeToLocalFileTime
FileTimeToSystemTime
VirtualProtect
GlobalGetAtomNameA
lstrcmpW
InterlockedDecrement
WritePrivateProfileStringA
GetCurrentThread
lstrcmpA
ConvertDefaultLocale
EnumResourceLanguagesA
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
lstrcpynA
GetCurrentThreadId
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
GetCurrentDirectoryA
GetDriveTypeA
GetCommandLineA
GetExitCodeProcess
CreateProcessA
GetFileTime
CreateFileA
GetCurrentProcess
GetTempPathA
SetFileAttributesA
CreateDirectoryA
GetSystemDirectoryA
SetLastError
FindClose
GetUserDefaultLCID
GetSystemDefaultLangID
FreeResource
lstrcatA
WinExec
GetFileAttributesA
GetUserDefaultLangID
GetWindowsDirectoryA
lstrcpyA
LeaveCriticalSection
EnterCriticalSection
IsBadReadPtr
FormatMessageA
LocalFree
GetLongPathNameA
SetThreadLocale
GetModuleFileNameA
GetModuleHandleA
GetVersion
DeleteCriticalSection
CompareStringA
lstrcmpiA
RaiseException
lstrlenW
CompareStringW
GetEnvironmentVariableA
InitializeCriticalSection
lstrlenA
MultiByteToWideChar
CopyFileA
MoveFileA
WaitForSingleObject
DeleteFileA
OutputDebugStringA
Sleep
CloseHandle
GetLastError
CreateMutexA
FindFirstFileA
FreeLibrary
GetProcAddress
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
HeapSize
LoadLibraryA

user32

GetNextDlgGroupItem
InvalidateRgn
CopyAcceleratorTableA
IsRectEmpty
CharNextA
WindowFromPoint
MoveWindow
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
SendDlgItemMessageA
GetForegroundWindow
GetMessageTime
GetMessagePos
MapWindowPoints
GetMenu
AdjustWindowRectEx
EqualRect
GetClassInfoA
RegisterClassA
CallWindowProcA
IntersectRect
GetWindowPlacement
CopyRect
GetLastActivePopup
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
PeekMessageA
DestroyMenu
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowContextHelpId
SetWindowPos
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
GetDlgItem
GetNextDlgTabItem
EndDialog
DispatchMessageA
TranslateMessage
GetWindowTextLengthA
GetMessageA
UpdateWindow
ShowWindow
DefWindowProcA
PostQuitMessage
SetFocus
CreateWindowExA
GetClassInfoExA
SetForegroundWindow
BringWindowToTop
DrawIcon
IsIconic
wsprintfA
LoadIconA
ExitWindowsEx
FindWindowA
GetTopWindow
SetWindowTextA
WaitForInputIdle
GetDesktopWindow
GetDlgCtrlID
GetWindowLongA
GetClassNameA
GetWindowTextA
IsWindowEnabled
IsDialogMessageA
IsWindowVisible
MapDialogRect
GetWindow
KillTimer
GetCursorPos
SetWindowLongA
PostThreadMessageA
SetTimer
MessageBeep
CopyIcon
DestroyCursor
SetCursor
RedrawWindow
GetWindowRect
DrawFocusRect
InflateRect
SetRectEmpty
PtInRect
GetKeyState
WinHelpA
GetParent
IsChild
RegisterClipboardFormatA
ValidateRect
GetFocus
ScreenToClient
PostMessageA
SendMessageA
MessageBoxA
GetSystemMetrics
SystemParametersInfoA
GetSysColor
EnableWindow
ReleaseCapture
GetSysColorBrush
LoadCursorA
IsWindow
DestroyWindow
SetCapture
InvalidateRect
ReleaseDC
GetDC
GetClientRect
OffsetRect
SetRect
CharUpperA
UnregisterClassA
SetMenuItemBitmaps

gdi32

GetRgnBox
GetMapMode
CreateRectRgnIndirect
GetWindowExtEx
GetViewportExtEx
GetTextColor
GetBkColor
CreateSolidBrush
DeleteDC
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
RectVisible
PtVisible
CreateFontIndirectA
SetMapMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetDeviceCaps
DeleteObject
SelectObject
GetTextExtentPointA
SetTextJustification
TextOutA
GetStockObject
GetObjectA
GetTextExtentPoint32A
CreateFontA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
OpenPrinterA
DocumentPropertiesA

advapi32

RegEnumKeyA
RegQueryValueExA
RegOpenKeyExA
RegQueryValueA
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegEnumKeyExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegOpenKeyA
RegCloseKey
RegQueryInfoKeyA
RegDeleteKeyA
RegEnumValueA

shell32

ord680
SHFileOperationA
ShellExecuteA

comctl32

ord17

shlwapi

PathFileExistsA
PathIsDirectoryA
SHCopyKeyA
SHDeleteKeyA
PathFindExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA

oledlg

ord8

ole32

CoFreeUnusedLibraries
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc
OleUninitialize
CLSIDFromProgID
CLSIDFromString
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize

oleaut32

OleCreateFontIndirect
SafeArrayDestroy
VariantCopy
VariantInit
VariantChangeType
SysAllocStringByteLen
SysStringLen
SystemTimeToVariantTime
VarBstrFromDate
SysAllocStringLen
SysFreeString
VariantClear
SysAllocString

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

msi

ord17
ord124
ord103
ord8

Sections

.text
Size: 348KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 92KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

302c61d4a25e222ca4c3079310d682a9

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

version

msi

Sections

.text Size: 348KB - Virtual size: 346KB

.rdata Size: 92KB - Virtual size: 89KB

.data Size: 12KB - Virtual size: 25KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 348KB - Virtual size: 346KB

.rdata
Size: 92KB - Virtual size: 89KB

.data
Size: 12KB - Virtual size: 25KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB