231cc926aa815a386f7de724db3b4b00[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

231cc926aa815a386f7de724db3b4b00.bin
Size

19.7MB
MD5

52421efc70eb848eab73116d1a9b50f3
SHA1

eedf177267173c1bd89373d4c047f76420a4e44c
SHA256

37f70bd3447a8ffff56590fc234e6f240ecf53d771d336a8c1d83fdae68451b2
SHA512

6d4d586551d0066eca530726f94b09144d459a78e46a48a00f2707ba7a9d9e508b6925668f5a546374f15b25d3ab1694537591a24dd84ee8bc00ead8203e2385
SSDEEP

393216:T8Mryp+M2GFa3pkdNsP2ME+p588cxQvHt48KGC8Z2Wl2wT+CLyi3o:yQGQZaRME+pyhi68s22Wlr/1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f6d056605c3fa46df2b3bcdb6af007f5663cf330c79a204e10ef990d70bbf4ad.dll

Files

231cc926aa815a386f7de724db3b4b00.bin
.zip

Password: infected
f6d056605c3fa46df2b3bcdb6af007f5663cf330c79a204e10ef990d70bbf4ad.dll
.dll windows:6 windows x86 arch:x86

Password: infected

63f4289001bc0f631f0b6c3785787e0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winspool.drv

DocumentPropertiesW

comdlg32

ChooseColorW

comctl32

ImageList_GetImageInfo

shell32

Shell_NotifyIconW

user32

MoveWindow

version

GetFileVersionInfoSizeW

oleaut32

SafeArrayPutElement

advapi32

RegSetValueExW

msvcrt

log

winhttp

WinHttpGetIEProxyConfigForCurrentUser

kernel32

GetVersion
GetVersionExW

shfolder

SHGetFolderPathW

ole32

CreateBindCtx

gdi32

Pie

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr
ixnfirekmkvv

Sections

.text
Size: 7.7MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qrftrhn
Size: 8.7MB - Virtual size: 8.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qrftrhn
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qrftrhn
Size: 8.4MB - Virtual size: 8.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 635KB - Virtual size: 634KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

63f4289001bc0f631f0b6c3785787e0b

Headers

DLL Characteristics

File Characteristics

Imports

winspool.drv

comdlg32

comctl32

shell32

user32

version

oleaut32

advapi32

msvcrt

winhttp

kernel32

shfolder

ole32

gdi32

Exports

Exports

Sections

.text Size: 7.7MB - Virtual size: 7.7MB

.itext Size: 18KB - Virtual size: 17KB

.data Size: 182KB - Virtual size: 182KB

.bss Size: - Virtual size: 32KB

.idata Size: 16KB - Virtual size: 15KB

.didata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 136B

.rdata Size: 512B - Virtual size: 69B

.qrftrhn Size: 8.7MB - Virtual size: 8.7MB

.qrftrhn Size: 512B - Virtual size: 140B

.qrftrhn Size: 8.4MB - Virtual size: 8.4MB

.rsrc Size: 233KB - Virtual size: 232KB

.reloc Size: 635KB - Virtual size: 634KB

.text
Size: 7.7MB - Virtual size: 7.7MB

.itext
Size: 18KB - Virtual size: 17KB

.data
Size: 182KB - Virtual size: 182KB

.bss
Size: - Virtual size: 32KB

.idata
Size: 16KB - Virtual size: 15KB

.didata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 136B

.rdata
Size: 512B - Virtual size: 69B

.qrftrhn
Size: 8.7MB - Virtual size: 8.7MB

.qrftrhn
Size: 512B - Virtual size: 140B

.qrftrhn
Size: 8.4MB - Virtual size: 8.4MB

.rsrc
Size: 233KB - Virtual size: 232KB

.reloc
Size: 635KB - Virtual size: 634KB