Static task: static1
Behavioral task: behavioral1
Sample: b446e37b527a4fffd8d9eec94a221f0e.exe
Resource: win7-20240419-en
General
Target: b446e37b527a4fffd8d9eec94a221f0e.bin
Size: 2.5MB
MD5: b446e37b527a4fffd8d9eec94a221f0e
SHA1: e82ba07d879af9072eb034cfe204b12d4f6e5de6
SHA256: 971b7d00e89d22171896189f44d898401620ebf46e343c2102b306a5e3cd4d85
SHA512: 8e35e5bd80a68f27f3b527083de6342f8abf6fc608e0bb7ffedca8400c5f7306bce5e3457053f9918f4ef87984586725f75386f99ed09662a02e99496f1707fe
SSDEEP: 49152:0r52aGByXObdJaHN67eZOWnsUC5MKsz9/MQ+3I3QwK:e5x+bdJaHxZOWnsE9/oz
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature.
  resource: b446e37b527a4fffd8d9eec94a221f0e.bin
Files
b446e37b527a4fffd8d9eec94a221f0e.bin.exe windows:5 windows x86 arch:x86
  cbe882aa524dfc1fe5ed9dfae9275f30
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
Imports
imm32
ImmGetContext
ImmSetCompositionWindow
ImmIsIME
ImmReleaseContext
rpcrt4
UuidToStringA
UuidCreate
RpcStringFreeA
kernel32
VirtualQuery
HeapReAlloc
GetSystemTimeAsFileTime
GetCommandLineA
GetStartupInfoA
HeapSize
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetACP
IsValidCodePage
GetStdHandle
LCMapStringA
LCMapStringW
HeapCreate
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
GetDriveTypeA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetSystemInfo
SetEnvironmentVariableA
GetProcessHeap
lstrlenA
GetModuleFileNameA
GetLocalTime
GetComputerNameA
OutputDebugStringA
GetTimeFormatA
GetDateFormatA
VirtualFree
SizeofResource
LockResource
LoadResource
FindResourceA
WideCharToMultiByte
MulDiv
lstrcpyA
GetTickCount
lstrcmpiA
lstrcatA
VirtualAlloc
GetExitCodeProcess
TerminateProcess
CloseHandle
WaitForSingleObject
Sleep
SetEvent
GlobalFree
GlobalAlloc
ReadFile
CreateEventA
DuplicateHandle
GetCurrentProcess
GetTimeZoneInformation
MultiByteToWideChar
FormatMessageA
GetLastError
GlobalUnlock
GlobalLock
VirtualProtect
HeapFree
HeapAlloc
CreateThread
ExitThread
RtlUnwind
GetFileSizeEx
LocalFileTimeToFileTime
GetShortPathNameA
GetVolumeInformationA
UnlockFile
LockFile
FlushFileBuffers
GetStringTypeExA
MoveFileA
GetSystemDirectoryW
LoadLibraryW
SystemTimeToFileTime
GetThreadLocale
GetModuleHandleW
GetOEMCP
GetCPInfo
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetFullPathNameA
GetFileTime
SetFileTime
WritePrivateProfileStringA
GetPrivateProfileIntA
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
LoadLibraryExA
GetProfileIntA
GlobalFlags
GetModuleFileNameW
GetCurrentProcessId
GlobalSize
GetCurrentThreadId
GlobalGetAtomNameA
lstrcmpW
RaiseException
InterlockedExchange
LocalFree
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
FreeResource
GetVersion
GetVersionExA
GetFileInformationByHandle
GetTempPathA
GetTempFileNameA
CopyFileExA
CompareFileTime
CompareStringA
GetEnvironmentVariableA
FreeLibrary
ResetEvent
SetErrorMode
SearchPathA
GetPrivateProfileStringA
lstrlenW
LocalAlloc
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
SetLastError
GetProcAddress
LoadLibraryA
GetFileAttributesExA
FileTimeToSystemTime
GetLocaleInfoA
FindFirstFileA
FindNextFileA
FindClose
SetEndOfFile
CreateFileA
GetFileAttributesA
CopyFileA
MoveFileExA
DeleteFileA
SetFilePointer
GetFileSize
WriteFile
InterlockedExchangeAdd
InterlockedDecrement
InterlockedIncrement
lstrcmpA
lstrcpynA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
CompareStringW
user32
UnregisterClassA
CopyAcceleratorTableA
CreateMenu
PostThreadMessageA
GetTabbedTextExtentA
LockWindowUpdate
CheckRadioButton
CheckDlgButton
WinHelpA
GetWindowTextLengthA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
GetMessageTime
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetScrollRange
GetScrollPos
ShowScrollBar
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
GetScrollInfo
SetWindowPlacement
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
SetScrollRange
SetScrollPos
EnumChildWindows
DeferWindowPos
GetSysColorBrush
BeginDeferWindowPos
EndDeferWindowPos
GetDCEx
MapVirtualKeyExA
GetKeyNameTextA
SetParent
GetWindow
GetActiveWindow
FrameRect
GetClassLongA
GetMessageA
SetWindowsHookExA
UnhookWindowsHookEx
CallNextHookEx
WindowFromPoint
GetClassNameA
SetPropA
GetMessagePos
GetPropA
RemovePropA
SetMenuInfo
GetIconInfo
GetMenuItemRect
GetSystemMenu
RegisterWindowMessageA
CopyImage
SetWindowLongA
SetLayeredWindowAttributes
DestroyIcon
CreateWindowExA
ValidateRect
SetMenu
RedrawWindow
LoadMenuA
IsMenu
MonitorFromRect
GetWindowLongA
DrawMenuBar
RemoveMenu
ModifyMenuA
GetSubMenu
GetMenuItemInfoA
GetMenuState
PostQuitMessage
GetMenuDefaultItem
AppendMenuA
WindowFromDC
CallWindowProcA
DrawStateA
GetKeyboardLayout
EnableScrollBar
GetCaretPos
OffsetRect
GetAsyncKeyState
CreateCaret
ShowCaret
HideCaret
SetCaretPos
DestroyCaret
IsClipboardFormatAvailable
IsCharAlphaA
IsCharLowerA
IsWindow
PeekMessageA
DispatchMessageA
UnionRect
FindWindowA
SetForegroundWindow
DrawFocusRect
GetDlgCtrlID
LoadAcceleratorsA
GetMenu
GetMenuInfo
MenuItemFromPoint
IsChild
GetWindowDC
BringWindowToTop
IsIconic
FillRect
LoadBitmapA
SetActiveWindow
InsertMenuA
GetMenuItemCount
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
GetDesktopWindow
CharLowerA
SystemParametersInfoA
MonitorFromPoint
GetMonitorInfoA
SetWindowRgn
SendDlgItemMessageA
GetKeyState
BeginPaint
EndPaint
GetNextDlgTabItem
ShowOwnedPopups
WaitMessage
TranslateMessage
IsZoomed
EnableWindow
SetFocus
GetCapture
ReleaseCapture
CreateAcceleratorTableA
DestroyAcceleratorTable
GetClassInfoA
DefWindowProcA
GetClipboardData
SetScrollInfo
MoveWindow
SetWindowPos
DrawIconEx
RegisterClipboardFormatA
SetClipboardData
ShowWindow
SetCursor
DestroyWindow
GrayStringA
DrawTextA
TabbedTextOutA
SetCapture
TranslateMDISysAccel
DefMDIChildProcA
DefFrameProcA
DrawIcon
DestroyCursor
UnpackDDElParam
ReuseDDElParam
DestroyMenu
InsertMenuItemA
GetWindowThreadProcessId
CreateDialogIndirectParamA
KillTimer
SetTimer
IsWindowVisible
UpdateWindow
EndDialog
GetMenuStringA
ScrollWindowEx
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
GetMenuItemID
GetDlgItem
SendMessageA
GetFocus
GetWindowRect
GetClientRect
wsprintfA
CharUpperA
GetParent
LoadIconA
SetRectEmpty
DrawFrameControl
InvalidateRect
GetSystemMetrics
PostMessageA
GetCursorPos
ReleaseDC
GetDC
IsWindowEnabled
GetWindowTextA
LoadImageA
IsCharAlphaNumericA
MessageBoxA
SetWindowTextA
EmptyClipboard
OpenClipboard
CloseClipboard
GetSysColor
CopyRect
IsRectEmpty
PtInRect
SetRect
InflateRect
IntersectRect
EqualRect
TranslateAcceleratorA
DrawTextExA
LoadCursorA
DrawEdge
ClientToScreen
ScreenToClient
MessageBeep
gdi32
GetTextColor
LineTo
MoveToEx
GetStockObject
PatBlt
SetBrushOrgEx
CreatePolygonRgn
LPtoDP
CreateFontIndirectA
SetTextAlign
GetTextExtentPoint32A
CreateSolidBrush
Rectangle
Polygon
CreatePatternBrush
CreateBitmap
UnrealizeObject
GetTextAlign
GetBkColor
GetTextExtentExPointA
DeleteDC
CreateRectRgn
CreateRectRgnIndirect
CombineRgn
GetNearestColor
RoundRect
GetPixel
SetPixel
GetCurrentPositionEx
GetTextExtentPointA
GetLayout
GetCurrentObject
SetWindowOrgEx
SelectClipRgn
GetWindowOrgEx
CreateFontA
EnumFontFamiliesA
Polyline
CopyMetaFileA
CreateDCA
SaveDC
RestoreDC
SetPolyFillMode
SetROP2
SetStretchBltMode
DeleteObject
SetMapMode
GetTextMetricsA
IntersectClipRect
GetViewportExtEx
GetWindowExtEx
StartDocA
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectPalette
SetRectRgn
GetMapMode
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
GetViewportOrgEx
CreateEllipticRgn
Ellipse
GetCharWidthA
StretchDIBits
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextFaceA
ExcludeClipRect
GetClipBox
CreateCompatibleBitmap
Escape
TextOutA
RectVisible
PtVisible
DPtoLP
CreatePen
GetDIBColorTable
ExtTextOutA
BitBlt
RealizePalette
CreateCompatibleDC
CreateHalftonePalette
CreatePalette
GetObjectA
SetTextColor
SetBkColor
SelectObject
SetBkMode
GetDeviceCaps
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
OpenPrinterA
GetJobA
ClosePrinter
advapi32
RegCreateKeyA
RegCloseKey
GetFileSecurityA
SetFileSecurityA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegSetValueA
IsTextUnicode
RegOpenKeyExA
RegCreateKeyExA
RegEnumKeyExA
RegEnumValueA
RegQueryValueExA
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
GetUserNameA
shell32
SHGetFolderPathA
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetMalloc
SHBrowseForFolderA
ExtractIconA
SHGetFileInfoA
ShellExecuteA
DragQueryFileA
DragFinish
DragAcceptFiles
SHCreateDirectoryExA
comctl32
ImageList_Draw
ImageList_GetIconSize
_TrackMouseEvent
shlwapi
PathCanonicalizeA
PathIsRelativeA
PathIsDirectoryEmptyA
PathRemoveFileSpecW
PathFindExtensionA
PathRemoveExtensionA
PathFindFileNameA
PathStripToRootA
PathIsUNCA
ole32
OleCreateMenuDescriptor
IsAccelerator
OleTranslateAccelerator
CreateStreamOnHGlobal
OleGetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
DoDragDrop
CoInitializeEx
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
GetRunningObjectTable
CreateBindCtx
OleUninitialize
OleInitialize
ReleaseStgMedium
CLSIDFromString
CLSIDFromProgID
CoCreateInstance
OleRun
OleDestroyMenuDescriptor
oleaut32
VariantTimeToSystemTime
VarDateFromStr
SysFreeString
SysAllocStringByteLen
SysStringByteLen
VariantInit
VariantCopy
VariantClear
VariantChangeType
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroy
SafeArrayGetDim
SafeArrayCreate
SafeArrayPutElement
SysAllocStringLen
CreateErrorInfo
SysAllocString
SystemTimeToVariantTime
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 310KB - Virtual size: 309KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 64KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 810KB - Virtual size: 809KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 160KB - Virtual size: 160KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE