9447870c6e55fdf22c31bad648ac5183[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

9447870c6e55fdf22c31bad648ac5183.bin
Size

117KB
MD5

64bff8f04bdab0e7470e20d1edaf721d
SHA1

d76441a88858b98262854038c0a7c28fad647d9d
SHA256

aaaa94e10c33b46ca5617bbff9c9f3d82bcd8f9ad6529881317f013583cff30c
SHA512

2c09717fd5e27d9196c9ea8889710b3134a032dfc3bea4c56e297555a7954a8d50c38f0b606852f1ed4998003dfadf8ed169d267406b6e4a153af6f3244bf745
SSDEEP

1536:hUdnLeQOUDhF+ck0tDiIWsT0Uq7YtM4m9mPVFkYa6RTBomnb12PMXpohmIkoOU/6:KjNF+cztcsTi7HNwVCYa6hBnboPfwIho

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/354c951c698257f4c264c41b6852ea95b977b6d10f6af5725eaf36ec227e4be8.dll

Files

9447870c6e55fdf22c31bad648ac5183.bin
.zip

Password: infected
354c951c698257f4c264c41b6852ea95b977b6d10f6af5725eaf36ec227e4be8.dll
.dll windows:6 windows x86 arch:x86

Password: infected

c22b1c307f95f79659a12d3bc86c093d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\123456789089wew\226371\asd\cbhasd\dasdjkj\eweweq.pdb

Imports

kernel32

GetNativeSystemInfo
GetCommandLineW
CreateEventW
GetTickCount64
GetLastError
CloseHandle
GetModuleHandleW
WriteConsoleW
CreateFileW
HeapSize
SetStdHandle
HeapReAlloc
ReadConsoleW
SetFilePointerEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
LCMapStringEx
GetStringTypeW
GetCPInfo
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx

user32

ShowWindow
RegisterClassW
CreateWindowExW
DefWindowProcW

shell32

CommandLineToArgvW

Exports

Exports

AutoInitDate
BooleanToVariant
ConvertPtrToMemoryBlock
CreateArray
DateCompare
DateFinalizer
DragItemAddItem
DragItemConstructorWithRectControl
DragItemConstructorWithWindow
DragItemDestinationGetter
DragItemDrag
DragItemDragPictureGetter
DragItemDragPictureSetter
DragItemDropHeightSetter
DragItemDropLeftSetter
DragItemDropTopSetter
DragItemDropWidthSetter
DragItemFinalizer
DragItemFolderItemAvailable
DragItemGetMacData
DragItemInitializer
DragItemMacDataAvailable
DragItemMouseCursorGetter
DragItemMouseCursorSetter
DragItemNextItem
DragItemPictureAvailable
DragItemSetMacData
DragItemSetPrivateMacData
DragItemTextAvailable
MDBBooleanGetter
MDBBooleanSetter
MDBCaptionGetter
MDBCaptionSetter
MDButtonGetter
MDIconSetter
MainExport
MemoryBlockAddOperator
MemoryBlockCompareOperator
MemoryBlockFinalizer
MemoryBlockFromStringOperator
MemoryBlockInitializer
MemoryBlockLeftB
MemoryBlockLittleEndianGetter
MemoryBlockLittleEndianSetter
MemoryBlockMidB2
MemoryBlockMidB3
MemoryBlockRightB
MemoryBlockToStringOperator
MessageDialogExplanationGetter
MessageDialogExplanationSetter
MessageDialogFinalizer
MessageDialogIconGetter
MessageDialogInitializer
MessageDialogMessageGetter
MessageDialogMessageSetter
MessageDialogShowModal
MessageDialogShowModalWithin
MessageDialogTitleGetter
MessageDialogTitleSetter
RaiseNilObjectException
RegisterWeakRef
ResolveWeakRef
RuntimeAllocateAttributeTable
RuntimeBackgroundTask
RuntimeCheckCast
RuntimeCloseWindow
RuntimeControlArrayItemReference
RuntimeControlReference
RuntimeCreateDelegate
RuntimeCreateWindow
RuntimeExit
RuntimeHideWindow
RuntimeInit
RuntimeLockObject
RuntimeLockString
RuntimeLockUnlockObjects
RuntimeLockUnlockStrings
RuntimeNewClass
RuntimeNewObject
RuntimeNewVtable
RuntimeObjectIsa
RuntimeReraiseException
RuntimeShowModal
RuntimeShowModalWithinWindow
RuntimeShowWindow
RuntimeShowWithinWindow
RuntimeStackCheck
RuntimeUnlockObject
RuntimeUnlockString
RuntimeViewDestructor
StringToVariant
UnregisterWeakRef
VariantToString
WindowAddControl
WindowAddMenuHandler
WindowAllocateObject
WindowCompositeGetter
WindowCompositeSetter
WindowDefaultConstructor
WindowDockItemGetter
WindowFocusGetter
WindowFocusNext
WindowFocusPrevious
WindowFocusSetter
WindowForceUpdateFrontBuffer
WindowGetContentsChanged
WindowGetFrameBounds
WindowHandleGetter
WindowMacProcIDGetter
WindowMacProcIDSetter
WindowMaximize
WindowMenuBarGetter
WindowMenuBarSetter
WindowMinimize
WindowMinimizeButtonGetter
WindowMinimizeButtonSetter
WindowMouseCursorGetter
WindowMove
WindowRestore
WindowSetContentsChanged
WindowSetFrameBounds
WindowToWindowPtr
WindowVisibleGetter
WindowVisibleSetter
dateFieldGetter
dateFieldSetter
dateGMTOffsetGetter
dateGMTOffsetSetter
dateSQLDateGetter
dateSQLDateSetter
dateSQLDateTimeGetter
dateSQLDateTimeSetter
dateStringGetter
dateTotalSecondsGetter
dateTotalSecondsSetter
dictionaryConstructor
dictionaryDestructor
dictionaryHasKey
dictionaryKey
dictionaryRemove
dictionaryRemoveAll
dictionaryValueGetter
dragItemDropHeight
dragItemDropLeft
dragItemDropTop
dragItemDropWidth
dragItemFolderItemGetter
dragItemFolderItemSetter
dragItemGetHandle
dragItemPictureGetter
dragItemPictureSetter
dragItemTextGetter
dragItemTextSetter
formAcceptFileDrop
formAcceptMacDataDrop
formAcceptPictureDrop
formAcceptTextDrop
formDrawBackground
formDrawInto
formMouseCursorSetter
formRefresh
formRefreshRect
formSetFocus
memoryBlockGetPtr
memoryBlockGetSize
memoryBlockNewConstructor
memoryBlockSetSize
memoryGetBoolean
memoryGetByte
memoryGetCString
memoryGetColor
memoryGetCurrency
memoryGetDouble
memoryGetInt16
memoryGetInt64
memoryGetInt8
memoryGetLong
memoryGetPString
memoryGetPtr
memoryGetShort
memoryGetSingle
memoryGetString
memoryGetUInt16
memoryGetUInt32
memoryGetUInt64
memoryGetUInt8
memoryGetUShort
memoryGetWString
memorySetBoolean
memorySetByte
memorySetCString
memorySetColor
memorySetCurrency
memorySetDouble
memorySetInt16
memorySetInt64
memorySetInt8
memorySetLong
memorySetPString
memorySetPtr
memorySetShort
memorySetSingle
memorySetString
memorySetUInt16
memorySetUInt32
memorySetUInt64
memorySetUInt8
memorySetWString
windowBackColorGetter
windowBackColorSetter
windowBackdropGetter
windowBackdropSetter
windowCloseBoxGetter
windowCloseBoxSetter
windowControl
windowControlCountGetter
windowFrameGetter
windowFrameSetter
windowFullScreenGetter
windowFullScreenSetter
windowGraphicsGetter
windowGrowIconGetter
windowGrowIconSetter
windowHWNDGetter
windowHasBackColorGetter
windowHasBackColorSetter
windowLiveResizeGetter
windowLiveResizeSetter
windowMenusVisibleGetter
windowMenusVisibleSetter
windowMinMaxWidthHeightGetter
windowMinMaxWidthHeightSetter
windowMouseXGetter
windowMouseYGetter
windowPlacementGetter
windowPlacementSetter
windowPosGetter
windowPosSetter
windowTitleGetter
windowTitleSetter
windowWindowPtrGetter
windowZoomIconGetter
windowZoomIconSetter

Sections

.text
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

c22b1c307f95f79659a12d3bc86c093d

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

Exports

Exports

Sections

.text Size: 139KB - Virtual size: 139KB

.rdata Size: 61KB - Virtual size: 61KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 248B

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 139KB - Virtual size: 139KB

.rdata
Size: 61KB - Virtual size: 61KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 248B

.reloc
Size: 7KB - Virtual size: 6KB