c6ee7e7821144d893e8f11a9ed715767[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

c6ee7e7821144d893e8f11a9ed715767.bin
Size

125KB
MD5

c6ee7e7821144d893e8f11a9ed715767
SHA1

36f34fac388a94a33f1cc34b583fdc7013b9b673
SHA256

a219b948b4e9e5faebbfc465b7b098c1871403b2c7a83730b2f803a4c2f093ab
SHA512

c4a80712b7a007df96a07a29096ce8e688b27f63ef9987a7fa27b221afb89b969765463a352556aa7ce11c8f0164bfb1d879b920f4cbbc177da1bcb1ef64729c
SSDEEP

3072:rKMdaJletZDIaiotuW0/EPEP+L87Kv+/bDxV5V+Lp:/aOtnuWZqUK1DV+Lp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6ee7e7821144d893e8f11a9ed715767.bin

Files

c6ee7e7821144d893e8f11a9ed715767.bin
.exe windows:5 windows x86 arch:x86

5ef0f40b3ffae87a130bd0f6c9a90b35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

DrawEscape
SetBoundsRect
SetTextAlign
GDI32.dll
msvcrt.dll
SetROP2
BeginPath
version.dll
UpdateColors

kernel32

SetErrorMode
LockResource
SizeofResource
GlobalHandle
GetCurrentThreadId
SetStdHandle
GetStringTypeA
CompareStringW
VirtualAlloc
GetTickCount
CreateEventW
LoadLibraryW
SearchPathA
HeapReAlloc
FreeLibrary
VirtualFree
GetThreadTimes
QueryPerformanceCounter
GetLocalTime
LoadResource
GetStringTypeW
GetTempFileNameA
GetFileSize
GlobalUnlock
SetThreadPriority
GetVersionExA
ExitProcess
UnmapViewOfFile
GetVersionExW
IsBadWritePtr
GetShortPathNameA
GetLastError
WriteConsoleA
SetHandleCount

ntdll

wcscpy
DbgBreakPoint
wcslen
NtClose
RtlIntegerToUnicodeString
NtQueryInformationProcess
wcscat
RtlOemStringToUnicodeString
RtlCompareMemory
NtCreateEvent

version

GetFileVersionInfoSizeA
GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoW

advapi32

RegOpenKeyW
RegQueryInfoKeyA
RegFlushKey
AllocateAndInitializeSid
RegSetValueExA
LookupAccountSidW
RegEnumKeyExA
ChangeServiceConfigA
RegCreateKeyExA
FreeSid
GetTokenInformation
RegDeleteKeyA
CloseServiceHandle
RegEnumValueA
RegQueryInfoKeyW
RegEnumValueW
RegQueryValueExW
RegCreateKeyW
GetSecurityDescriptorControl
RegDeleteKeyW
RegCloseKey
RegDeleteValueA

user32

SetMenu
GetSystemMenu
UnregisterClassA
EndPaint
EnableMenuItem
GetActiveWindow
GetDC
ReleaseCapture
GetSystemMetrics
CharPrevW
SetRect

gdi32

GetDIBColorTable
CreateBitmapIndirect
GetNearestColor
SetTextColor
GetBitmapBits
GetObjectA
GetMapMode
GetDCOrgEx
GetDIBits
IntersectClipRect
GetLayout
GetBrushOrgEx
SetLayout
GetTextFaceW
PatBlt
GetEnhMetaFilePaletteEntries
SetROP2
Ellipse
CloseMetaFile
GetViewportExtEx
GetTextExtentPoint32W
CreateRectRgnIndirect
SetWindowOrgEx
StretchBlt
GetTextCharsetInfo
GetTextExtentPointW
EndDoc
SetICMMode

msvcrt

__p___initenv
wcschr
_strnicmp
_chsize
_wtol
div
_write
_stricmp
_fileno
abort
localtime
fprintf
__unDName
_iob
ftell
_itow
wcsncat

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 38KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 32KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ef0f40b3ffae87a130bd0f6c9a90b35

Headers

File Characteristics

Imports

kernel32

ntdll

version

advapi32

user32

gdi32

msvcrt

Sections

.text Size: 34KB - Virtual size: 33KB

.data Size: 2KB - Virtual size: 2KB

.rdata Size: 11KB - Virtual size: 37KB

.idata Size: 38KB - Virtual size: 64KB

.bss Size: 32KB - Virtual size: 58KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 2KB - Virtual size: 2KB

.rdata
Size: 11KB - Virtual size: 37KB

.idata
Size: 38KB - Virtual size: 64KB

.bss
Size: 32KB - Virtual size: 58KB

.rsrc
Size: 5KB - Virtual size: 4KB