dba60ef49a61f7b63a5ee327ea51f24e[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

dba60ef49a61f7b63a5ee327ea51f24e.bin
Size

49KB
MD5

d3307c183685b2e7b9ce7b2325e7f577
SHA1

60d344588b6d20d79bcb6f84faf1544461e8d497
SHA256

2d07211a690211d785c49c3231c9cb086ceafc5c376014aa2e273265d3869a66
SHA512

7388ab70a6dac62332bbe6e1df4ad70074f0522add8585c3b32397498f1e252afbe54c5306eead950cff7312831f828df5241cfeec0373ba1927031edb2dafa2
SSDEEP

1536:HSl6kQ+z7vVWvpnfcNk6ioABXOqCr1upp:HSl61+z7NWv5ok6ioABX+rEv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cb044ce5631c5204667e8f1c7c2a4a348790cffc64afde8e2c0e8e03d16e3d9b.exe

Files

dba60ef49a61f7b63a5ee327ea51f24e.bin
.zip

Password: infected
cb044ce5631c5204667e8f1c7c2a4a348790cffc64afde8e2c0e8e03d16e3d9b.exe
.exe windows:4 windows x86 arch:x86

Password: infected

e29216111be8758f004d4ae8b6c1fd97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

sndPlaySoundA
mciSendStringA

kernel32

QueryPerformanceCounter
VirtualQuery
VirtualProtect
GetLocaleInfoA
CreateFileA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCPInfo
GetOEMCP
GetACP
GetFileType
GetStdHandle
SetHandleCount
ReadFile
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
SetFilePointer
GetCurrentProcess
TerminateProcess
ExitProcess
WriteFile
CloseHandle
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
CreateDirectoryA
SetCurrentDirectoryA
SetEnvironmentVariableA
GetLastError
GetFullPathNameA
GetCurrentDirectoryA
GetDriveTypeA
HeapAlloc
HeapFree
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrlenA
lstrcpyA
lstrcmpA
lstrcpynA
GetShortPathNameA
GetCommandLineA
GetModuleFileNameA
Sleep
RtlUnwind
FreeLibrary
LoadLibraryA
GetProcAddress
WinExec
GetTickCount
FindFirstFileA
FindNextFileA
FindClose
DeleteFileA
GetLocalTime
GetSystemInfo
GlobalMemoryStatus
GetVersion
GetComputerNameA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
SetEndOfFile
HeapSize
LCMapStringA

user32

GetSystemMenu
AppendMenuA
TranslateMessage
PeekMessageA
FindWindowA
DestroyWindow
GetFocus
SetFocus
DispatchMessageA
GetMessageA
CharUpperA
SendMessageA
SetTimer
LoadIconA
RegisterClassA
UpdateWindow
SetScrollRange
ShowScrollBar
ScrollWindow
SetScrollPos
KillTimer
PostQuitMessage
DefWindowProcA
InvalidateRect
IsWindowEnabled
GetActiveWindow
ShowWindow
SetActiveWindow
SetWindowPos
GetAsyncKeyState
GetSysColor
ShowCursor
SetCursorPos
GetClientRect
GetDlgCtrlID
GetDlgItemTextA
GetWindowTextA
IsDlgButtonChecked
EnumDisplaySettingsA
ChangeDisplaySettingsA
GetCursorPos
MessageBoxA
wsprintfA
FillRect
LoadCursorA
SetCursor
BeginPaint
EndPaint
GetDC
ReleaseDC
GetSystemMetrics
MoveWindow
GetWindowRect
GetWindowLongA
SetWindowLongA
CallWindowProcA
CreateWindowExA
PostMessageA
GetMenu
SetWindowTextA

gdi32

SetPixel
GetPixel
SetStretchBltMode
StretchBlt
StretchDIBits
Rectangle
RealizePalette
BitBlt
DeleteDC
SelectPalette
SetDIBColorTable
CreatePalette
SetBkMode
LineTo
CreateSolidBrush
CreatePen
GetTextMetricsA
SelectObject
CreateFontIndirectA
DeleteObject
TextOutA
GetTextExtentPoint32A
GetTextExtentPointA
CreateCompatibleDC
CreateDIBSection
GetDeviceCaps
SetTextColor
GetStockObject
MoveToEx

comdlg32

GetOpenFileNameA
GetSaveFileNameA
ChooseColorA

advapi32

GetUserNameA

shell32

ShellExecuteA
ShellExecuteExA

Exports

Exports

_ll_callfunc@16

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

e29216111be8758f004d4ae8b6c1fd97

Headers

File Characteristics

Imports

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Exports

Exports

Sections

.text Size: 77KB - Virtual size: 76KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 3KB - Virtual size: 26KB

.rsrc Size: 1024B - Virtual size: 944B

.text
Size: 77KB - Virtual size: 76KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 26KB

.rsrc
Size: 1024B - Virtual size: 944B