7b6f59100a29f962eb692a71eaa1d3b6[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

7b6f59100a29f962eb692a71eaa1d3b6.bin
Size

18.7MB
MD5

7af14a87e4f9905d4408248e95c811be
SHA1

2a85b3bae5ea136554702273b80db9f1781fae4c
SHA256

0773261505f6007a2c31d8fff5e86aeca0961b4db8b6c875499657a83e93dcd5
SHA512

7d2cbb785d4afa682e381d293a3470d09668889b39828fbc81d090bd93fa028e78ebda88188e80577bf59e14fe8c52b2a6455257f00f7bc7fdf86a531fc39451
SSDEEP

393216:6qPbYmMyAYH30a5AKgBXUrqifJPPcAnlEY2N57jQ6mQVB24W8yxNNT7Jvg2h1:6qUmgYX0a9gBcZf5cADCXmQT2jB7Jvg4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e79c80d5d51244f2c85170d1c3ab65e7527e90fa7b2d5fc51189361d87dd8311.dll

Files

7b6f59100a29f962eb692a71eaa1d3b6.bin
.zip

Password: infected
e79c80d5d51244f2c85170d1c3ab65e7527e90fa7b2d5fc51189361d87dd8311.dll
.dll windows:6 windows x86 arch:x86

Password: infected

63f4289001bc0f631f0b6c3785787e0b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winspool.drv

DocumentPropertiesW

comdlg32

ChooseColorW

comctl32

ImageList_GetImageInfo

shell32

Shell_NotifyIconW

user32

MoveWindow

version

GetFileVersionInfoSizeW

oleaut32

SafeArrayPutElement

advapi32

RegSetValueExW

msvcrt

log

winhttp

WinHttpGetIEProxyConfigForCurrentUser

kernel32

GetVersion
GetVersionExW

shfolder

SHGetFolderPathW

ole32

CreateBindCtx

gdi32

Pie

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr
sehcrycawxvh

Sections

.text
Size: 7.7MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 135B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.aqvsfxy
Size: 8.0MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.aqvsfxy
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aqvsfxy
Size: 7.7MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 635KB - Virtual size: 634KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

63f4289001bc0f631f0b6c3785787e0b

Headers

DLL Characteristics

File Characteristics

Imports

winspool.drv

comdlg32

comctl32

shell32

user32

version

oleaut32

advapi32

msvcrt

winhttp

kernel32

shfolder

ole32

gdi32

Exports

Exports

Sections

.text Size: 7.7MB - Virtual size: 7.7MB

.itext Size: 18KB - Virtual size: 17KB

.data Size: 182KB - Virtual size: 182KB

.bss Size: - Virtual size: 32KB

.idata Size: 16KB - Virtual size: 15KB

.didata Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 135B

.rdata Size: 512B - Virtual size: 69B

.aqvsfxy Size: 8.0MB - Virtual size: 8.0MB

.aqvsfxy Size: 512B - Virtual size: 140B

.aqvsfxy Size: 7.7MB - Virtual size: 7.7MB

.rsrc Size: 233KB - Virtual size: 232KB

.reloc Size: 635KB - Virtual size: 634KB

.text
Size: 7.7MB - Virtual size: 7.7MB

.itext
Size: 18KB - Virtual size: 17KB

.data
Size: 182KB - Virtual size: 182KB

.bss
Size: - Virtual size: 32KB

.idata
Size: 16KB - Virtual size: 15KB

.didata
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 135B

.rdata
Size: 512B - Virtual size: 69B

.aqvsfxy
Size: 8.0MB - Virtual size: 8.0MB

.aqvsfxy
Size: 512B - Virtual size: 140B

.aqvsfxy
Size: 7.7MB - Virtual size: 7.7MB

.rsrc
Size: 233KB - Virtual size: 232KB

.reloc
Size: 635KB - Virtual size: 634KB