Static task
static1
Behavioral task
behavioral1
Sample
df7483be5406be695b50b1f15d83bbb8.exe
Resource
win7-20240508-en
General
- Target: df7483be5406be695b50b1f15d83bbb8.bin
- Size: 671KB
- MD5: df7483be5406be695b50b1f15d83bbb8
- SHA1: 69de8d0c0cead028805e8ac93ac6aa1bc95850aa
- SHA256: 011280573f3ffbf712b5c146749878c18d8f94d57f325c7f9435fc886331c09a
- SHA512: 7b73ee755af1365a32ac70b4b8658283089e35b3c967b2328b6ab2a9e36881083a87c03d072acfd47eb9fb7d010ae48c8c55a2ebf00bf30b748f4473aff0eb02
- SSDEEP: 12288:BhGEsm5TpQrNAosJcRl7Bflkby3SJTGfRCK8lizPpZlySdpvIWjuZ:f5v0rNAMXBflkG3BCKiizxhjuZ
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource df7483be5406be695b50b1f15d83bbb8.bin
Files
- df7483be5406be695b50b1f15d83bbb8.bin.exe windows:5 windows x86 arch:x86
  9b09238d29656ddbf013445fda61bd91
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
crypt32
CryptStringToBinaryA
kernel32
GetStartupInfoA
HeapFree
ExitProcess
ExitThread
CreateThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
FatalAppExitA
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
GetACP
IsValidCodePage
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
LCMapStringA
LCMapStringW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetCommandLineA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
Sleep
GetCurrentProcess
LockResource
SizeofResource
LoadResource
FindResourceA
GetProcAddress
LoadLibraryW
GetVersionExA
GetModuleHandleA
SetLastError
MulDiv
GlobalUnlock
GlobalLock
GetLastError
FreeLibrary
GlobalAlloc
lstrcmpA
InterlockedExchange
CompareStringA
WideCharToMultiByte
LoadLibraryA
GetLocaleInfoA
GetModuleFileNameA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
CloseHandle
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
SuspendThread
CreateEventA
GlobalAddAtomA
GetCurrentProcessId
FreeResource
GlobalFree
lstrlenA
MultiByteToWideChar
RaiseException
HeapAlloc
RtlUnwind
GetTickCount
GetFileTime
GetFileSizeEx
GetFileAttributesA
SetFileAttributesA
SetFileTime
LocalFileTimeToFileTime
FileTimeToLocalFileTime
SetErrorMode
SystemTimeToFileTime
FileTimeToSystemTime
GetAtomNameA
GetOEMCP
GetCPInfo
GetModuleHandleW
CreateFileA
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiA
GetThreadLocale
GetStringTypeExA
DeleteFileA
MoveFileA
InterlockedIncrement
GetCurrentDirectoryA
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GlobalFlags
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
InterlockedDecrement
GetModuleFileNameW
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrlenW
WriteConsoleA
user32
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatA
GetKeyNameTextA
MapVirtualKeyA
GetSystemMenu
SetParent
UnionRect
PostThreadMessageA
SetTimer
KillTimer
GetDCEx
LockWindowUpdate
GetNextDlgGroupItem
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableA
CharNextA
GetDialogBaseUnits
CharUpperA
DestroyIcon
GetSysColorBrush
WaitMessage
ReleaseCapture
LoadCursorA
WindowFromPoint
SetCapture
DeleteMenu
InflateRect
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextA
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
GetDlgItemTextA
GetDlgItemInt
CheckRadioButton
CheckDlgButton
RegisterWindowMessageA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
SetFocus
GetWindowTextLengthA
GetWindowTextA
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
LoadMenuA
SetMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowLongA
UnhookWindowsHookEx
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetDesktopWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
IsWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
TabbedTextOutA
DrawTextA
DrawTextExA
GrayStringA
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
MessageBoxA
ShowOwnedPopups
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetMenuBarInfo
LoadAcceleratorsA
InsertMenuItemA
CreatePopupMenu
SetRectEmpty
IsWindowVisible
GetKeyState
BringWindowToTop
TranslateAcceleratorA
DestroyMenu
GetMenuItemInfoA
UnregisterClassA
TrackPopupMenu
MessageBeep
SetRect
InvalidateRect
ReleaseDC
GetDC
DrawIcon
SendMessageA
IsIconic
GetWindowRect
GetClientRect
LoadIconA
EnableWindow
GetSystemMetrics
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
PtInRect
FillRect
ScreenToClient
ClientToScreen
GetWindowDC
BeginPaint
EndPaint
GetSysColor
PostQuitMessage
PostMessageA
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuA
GetParent
GetFocus
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
PeekMessageA
GetForegroundWindow
gdi32
SetROP2
SetStretchBltMode
SetTextColor
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
LineTo
MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
DeleteObject
SelectClipRgn
GetClipRgn
CreateRectRgn
SelectClipPath
GetObjectA
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
StartDocA
SelectObject
OffsetViewportOrgEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SetPolyFillMode
ArcTo
PolyDraw
PolylineTo
PolyBezierTo
ExtSelectClipRgn
CreateDIBPatternBrushPt
CreatePatternBrush
CreateBitmap
CreateCompatibleDC
GetStockObject
SelectPalette
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
CopyMetaFileA
CreateFontIndirectA
CreateRectRgnIndirect
SetRectRgn
CombineRgn
GetMapMode
PatBlt
DPtoLP
GetTextExtentPoint32A
GetTextMetricsA
GetBkColor
GetTextColor
GetRgnBox
CreateCompatibleBitmap
GetCharWidthA
CreateFontA
StretchDIBits
SetBkMode
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
DeleteDC
CreateDCA
SetViewportOrgEx
SetViewportExtEx
GetClipBox
GetDCOrgEx
Rectangle
Escape
ExtTextOutA
TextOutA
RectVisible
GetCurrentPositionEx
PtVisible
comdlg32
GetFileTitleA
winspool.drv
DocumentPropertiesA
ClosePrinter
OpenPrinterA
advapi32
RegQueryValueA
RegCloseKey
RegOpenKeyExA
RegCreateKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegSetValueA
RegDeleteKeyA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
shell32
ExtractIconA
DragFinish
DragQueryFileA
SHGetFileInfoA
comctl32
ord17
shlwapi
PathFindFileNameA
PathStripToRootA
PathIsUNCA
PathFindExtensionA
PathRemoveExtensionA
PathRemoveFileSpecW
oledlg
ord8
ole32
OleSetClipboard
CoRevokeClassObject
CoRegisterClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
CoInitializeEx
CoUninitialize
CoCreateInstance
CoDisconnectObject
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleIsCurrentClipboard
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CLSIDFromString
CLSIDFromProgID
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoGetClassObject
oleaut32
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
SysStringLen
SysAllocStringByteLen
SysStringByteLen
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayDestroy
SysAllocString
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SafeArrayCreate
SafeArrayRedim
VariantCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayCopy
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
SysReAllocStringLen
VarDateFromStr
VarBstrFromCy
VarBstrFromDec
VarDecFromStr
VarCyFromStr
VarBstrFromDate
SysFreeString
Sections
.text Size: 479KB - Virtual size: 479KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 121KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ