b3fr893nf73[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

b3fr893nf73.zip
Size

653KB
MD5

1c7fe899bf64737cf5a1c4902ec94228
SHA1

ee1dfed361188a8b69c58cb83809a1ffd42d6614
SHA256

da859a807247dd3b63c900720e7e2f80688e1a42f2b42dbf2c73ca3e530df56f
SHA512

d4d544dc44f2a2cd63526da97c21a603e78c00e6792d9fbc37bda0bbfbc22de0bc59fd0ae621a545fba326f8fa33c7756e7f737d51946a30736bddec573bba30
SSDEEP

12288:1NRe8kZHfGFqwcnw6iGzzzp81eLaRQ236eaX/qU8rtdzixEs6X:1NRe82H0qmQPpohRQ23APMrz8BA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/hash_crack.dll

Files

b3fr893nf73.zip
.zip
__MACOSX/._hash_crack.dll
hash_crack.dll
.dll windows:6 windows x64 arch:x64

f3dceb3eb552c4485c9cedf2bfdc04fc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Hash Client\Output\Hash Client.pdb

Imports

jvm

JNI_GetCreatedJavaVMs

winmm

timeGetTime

opengl32

glGetIntegerv
glPopMatrix
glEnableClientState
glPopAttrib
glPolygonMode
glBindTexture
glGenTextures
glVertexPointer
glEnable
glScissor
glDisableClientState
glMatrixMode
glBlendFunc
glLoadIdentity
glTexParameteri
glDeleteTextures
glTexCoordPointer
glGetTexEnviv
glTexImage2D
glColorPointer
glTexEnvi
glDrawElements
glDisable
glPushMatrix
glShadeModel
glPixelStorei
glOrtho
glPushAttrib
glViewport

kernel32

CreateFileW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileSizeEx
GetConsoleOutputCP
WriteFile
FlushFileBuffers
ReadConsoleW
GetConsoleMode
SetFilePointerEx
GetFileType
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
FreeLibraryAndExitThread
FreeConsole
GetCurrentProcessId
GetConsoleWindow
AllocConsole
DisableThreadLibraryCalls
CloseHandle
CreateThread
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
VirtualFree
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapCreate
HeapSize
HeapFree
GetCurrentProcess
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
Sleep
HeapReAlloc
HeapAlloc
HeapDestroy
GetThreadContext
GetProcAddress
GetModuleHandleW
FlushInstructionCache
SetThreadContext
OpenThread
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
LCMapStringW
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
ExitThread
ReadFile
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
GetLastError
RaiseException
RtlPcToFileHeader
InterlockedFlushSList
RtlUnwindEx
InitializeSListHead
GetStartupInfoW
SetEndOfFile
WriteConsoleW
VirtualProtect
QueryPerformanceCounter
QueryPerformanceFrequency
WaitForSingleObjectEx
GetExitCodeThread
RtlUnwind
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitializeCriticalSectionEx
GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent

user32

MessageBoxA
ShowWindow
ClipCursor
GetWindowTextLengthA
GetTopWindow
GetWindowTextA
GetClassNameA
IsWindowVisible
GetWindow
GetWindowThreadProcessId
GetCursorPos
mouse_event
ClientToScreen
MapVirtualKeyA
keybd_event
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
OpenClipboard
SetCursorPos
GetClientRect
GetForegroundWindow
SendMessageA

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetContext

Exports

Exports

getLicenseEnd

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3dceb3eb552c4485c9cedf2bfdc04fc

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

jvm

winmm

opengl32

kernel32

user32

imm32

Exports

Exports

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.rdata Size: 195KB - Virtual size: 194KB

.data Size: 70KB - Virtual size: 77KB

.pdata Size: 57KB - Virtual size: 56KB

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 1.2MB - Virtual size: 1.2MB

.rdata
Size: 195KB - Virtual size: 194KB

.data
Size: 70KB - Virtual size: 77KB

.pdata
Size: 57KB - Virtual size: 56KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 4KB - Virtual size: 4KB