91681de8bfda5e0e0b4199df1c22f71a[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

91681de8bfda5e0e0b4199df1c22f71a.bin
Size

2.3MB
MD5

77bb4af7204b5fdae6c4389983996f29
SHA1

b402f196fe3e6c53a305d21d619b9239723c29b3
SHA256

1e1a3fd5cf5d6b4f8fc9964a79d20b99193e7605e013fd634761cf8ac11def79
SHA512

cd8e0a303c5bf868b70010919378d74b666983c00fdf29864bcbc4b14485132f8453c3572876d67007d19ce81abf78437b25ea3620280391b8fe3e96d2694035
SSDEEP

24576:cqlripmrjlH2jm/KImNxufm7nwlAUF7JuhUxdxYhuTPuw4kxQI/YkZmiI/CZyznI:Dbzau+73U4UKVEjdZXbUTtXOvsHGY9bi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c947e24166ead4ff5822f516f78eba11ca63a8a018806452dc16aede6474e41e.dll

Files

91681de8bfda5e0e0b4199df1c22f71a.bin
.zip

Password: infected
c947e24166ead4ff5822f516f78eba11ca63a8a018806452dc16aede6474e41e.dll
.dll windows:5 windows x86 arch:x86

Password: infected

8588c87e2dab8ee4c9c791c9af9d3346

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

InitializeAcl

gdi32

FlattenPath
SetROP2
Chord
GetMetaFileA
SelectClipPath

winmm

waveInGetDevCapsA

kernel32

LoadLibraryExW
OutputDebugStringA
LoadLibraryExA
GetModuleFileNameA
GetBinaryTypeA
CancelIo
AssignProcessToJobObject
GetSystemTimeAsFileTime
LoadLibraryW

version

VerQueryValueA

user32

IsCharLowerW
DeleteMenu
LoadAcceleratorsW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qdata
Size: 344KB - Virtual size: 341KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dJikU40
Size: 276KB - Virtual size: 275KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XJv48hjo
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

8588c87e2dab8ee4c9c791c9af9d3346

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

winmm

kernel32

version

user32

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 116KB - Virtual size: 115KB

.qdata Size: 344KB - Virtual size: 341KB

dJikU40 Size: 276KB - Virtual size: 275KB

XJv48hjo Size: 432KB - Virtual size: 431KB

.rsrc Size: 24KB - Virtual size: 21KB

.reloc Size: 40KB - Virtual size: 38KB

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 116KB - Virtual size: 115KB

.qdata
Size: 344KB - Virtual size: 341KB

dJikU40
Size: 276KB - Virtual size: 275KB

XJv48hjo
Size: 432KB - Virtual size: 431KB

.rsrc
Size: 24KB - Virtual size: 21KB

.reloc
Size: 40KB - Virtual size: 38KB