36d7cf5ce15ef9f0059c74fb0d149f99[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

36d7cf5ce15ef9f0059c74fb0d149f99.bin
Size

47.0MB
MD5

bff7b5772542e8a902b3909b1b49b675
SHA1

3534be68bc11e8201e85d9b4be13f1aed84892bd
SHA256

1f0223058f3bddd010db0099d25b58046687576bfbd5184a1f3b12230c2887f9
SHA512

62f155177fbdedb17d44438cbbe8b0ddd2236944afd4bf96a5542acb44262f2c661e08d9b2e686832acf59c5bd2671df93c5448b4dd1168516fca968a5cb3915
SSDEEP

786432:EIv2JwXUyuYbDsShNVYyHxmFE2jt5aEsJNTI+j2V6Akq1sYzM57f0SGv/Eb6J:EIv2ieDSP6k4EkeTI+Qbk2ssv2U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fa18433741f21447f8092e356592648f5b4f8144130e559d2c7f6e235ccdef3e.exe

Files

36d7cf5ce15ef9f0059c74fb0d149f99.bin
.zip

Password: infected
fa18433741f21447f8092e356592648f5b4f8144130e559d2c7f6e235ccdef3e.exe
.exe windows:4 windows x64 arch:x64

Password: infected

d6de73949683c8b653dcfadeaaf88cb7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

OpenEventA
FileTimeToLocalFileTime
GetModuleHandleA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
SetEnvironmentVariableA
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
GetTimeZoneInformation
GetConsoleMode
GetConsoleCP
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
QueryPerformanceCounter
LoadLibraryW
FlsFree
FlsAlloc
FlsSetValue
FlsGetValue
GetACP
HeapReAlloc
HeapCreate
HeapSetInformation
RtlVirtualUnwind
OutputDebugStringW
GetFileType
WriteConsoleW
OutputDebugStringA
GetStdHandle
DebugBreak
RtlPcToFileHeader
RaiseException
ExitThread
CreateThread
RtlUnwindEx
RtlLookupFunctionEntry
GetStartupInfoA
GetProcessHeap
HeapFree
GetCommandLineA
VirtualQuery
GetSystemInfo
VirtualAlloc
ExitProcess
RtlCaptureContext
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
IsBadReadPtr
HeapValidate
HeapSize
FindResourceExA
FileTimeToSystemTime
SetFileAttributesA
SystemTimeToFileTime
LocalFileTimeToFileTime
GetOEMCP
GetCPInfo
GetProfileIntA
VirtualProtect
GetShortPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
DeleteFileA
MoveFileA
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
GetHandleInformation
GetAtomNameA
GetThreadLocale
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
SetErrorMode
GetCurrentDirectoryA
GetModuleFileNameW
GlobalFlags
GetDiskFreeSpaceA
GetFullPathNameA
GetTempFileNameA
GetFileTime
SetFileTime
GetFileAttributesA
MulDiv
CopyFileA
GlobalSize
FormatMessageA
LocalFree
lstrcmpW
GlobalFindAtomA
GetVersionExA
CreateEventA
SetEvent
WaitForSingleObject
CloseHandle
GlobalGetAtomNameA
SuspendThread
ResumeThread
GetThreadPriority
SetThreadPriority
GlobalAddAtomA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
FreeResource
GlobalFree
GetCurrentProcessId
GetTickCount
LoadResource
LockResource
SizeofResource
FindResourceA
GlobalAlloc
FreeLibrary
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
GetLocaleInfoA
ConvertDefaultLocale
EnumResourceLanguagesA
GetModuleFileNameA
SetLastError
GlobalLock
lstrcmpA
GlobalUnlock
GetVersion
CompareStringA
lstrcmpiA
GetLastError
GetStringTypeExA
lstrlenW
MultiByteToWideChar
CompareStringW
WideCharToMultiByte
lstrlenA
HeapAlloc
GetProcAddress
LoadLibraryA

user32

DestroyIcon
MessageBeep
CopyAcceleratorTableA
CharNextA
DestroyCursor
GetMenuContextHelpId
SetMenuContextHelpId
LoadMenuIndirectA
ModifyMenuA
InsertMenuItemA
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuDefaultItem
SetMenuDefaultItem
EnableMenuItem
CheckMenuItem
DeleteMenu
CreatePopupMenu
CreateMenu
ScrollDC
GrayStringA
GetTabbedTextExtentA
DrawTextExA
DrawTextA
DrawFocusRect
DrawFrameControl
DrawEdge
DrawStateA
DrawIcon
InvertRect
FrameRect
FillRect
ExcludeUpdateRgn
WindowFromDC
GetSysColorBrush
SetRectEmpty
RemoveMenu
IsMenu
GetMenuState
GetMenuStringA
AppendMenuA
InsertMenuA
GetMenuItemID
CreateWindowExA
GetClassInfoExA
RegisterClassA
AdjustWindowRectEx
DeferWindowPos
BeginDeferWindowPos
CopyRect
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
TrackPopupMenuEx
TrackPopupMenu
SetWindowPlacement
GetClassLongA
GetClassLongPtrA
GetWindowLongPtrA
SetPropA
UnhookWindowsHookEx
GetPropA
CallWindowProcA
SetWindowLongPtrA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
CallNextHookEx
GetCursorPos
SetWindowsHookExA
GetMessageA
TranslateMessage
DispatchMessageA
GetMenuCheckMarkDimensions
LoadBitmapA
SetMenuItemBitmaps
TabbedTextOutA
RegisterWindowMessageA
GetClassInfoA
GetClassNameA
GetSysColor
EqualRect
GetKeyState
GetMenuItemCount
GetSubMenu
GetDialogBaseUnits
ReuseDDElParam
WinHelpA
SetCursor
ReleaseCapture
TranslateAcceleratorA
PeekMessageA
EndDialog
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
OpenIcon
CloseWindow
LoadIconA
LoadCursorA
PostThreadMessageA
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
GetWindowContextHelpId
SendNotifyMessageA
GetForegroundWindow
SetForegroundWindow
ShowCaret
HideCaret
SetCaretPos
GetCaretPos
CreateCaret
GetClipboardViewer
GetClipboardOwner
GetOpenClipboardWindow
OpenClipboard
SetClipboardViewer
ChangeClipboardChain
FlashWindow
WindowFromPoint
SetParent
IsChild
GetTopWindow
FindWindowExA
FindWindowA
ChildWindowFromPointEx
ChildWindowFromPoint
ShowScrollBar
GetNextDlgTabItem
GetNextDlgGroupItem
DlgDirSelectComboBoxExA
DlgDirSelectExA
DlgDirListComboBoxA
DlgDirListA
GetDesktopWindow
SetCapture
GetCapture
SetActiveWindow
GetActiveWindow
KillTimer
SetTimer
DrawCaption
DrawAnimatedRects
EnableScrollBar
RedrawWindow
LockWindowUpdate
GetDCEx
ShowOwnedPopups
IsWindowVisible
ValidateRgn
ValidateRect
InvalidateRgn
EnumThreadWindows
CharUpperA
CheckMenuRadioItem
PostQuitMessage
InvalidateRect
GetUpdateRgn
GetUpdateRect
UpdateWindow
ReleaseDC
GetWindowDC
GetDC
EndPaint
BeginPaint
ScreenToClient
ClientToScreen
MapWindowPoints
GetClientRect
GetWindowRect
BringWindowToTop
GetKeyNameTextA
MapVirtualKeyA
GetAsyncKeyState
GetClipboardFormatNameA
PtInRect
InSendMessage
GetWindowRgn
SetWindowRgn
IsRectEmpty
UnregisterClassA
IsClipboardFormatAvailable
WaitMessage
UnpackDDElParam
RegisterClipboardFormatA
MsgWaitForMultipleObjects
IsWindowUnicode
GetMessageW
DispatchMessageW
SubtractRect
UnionRect
InflateRect
SetRect
SendMessageA
GetWindowThreadProcessId
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetParent
GetWindowLongA
MessageBoxA
SetWindowContextHelpId
GetWindow
SetWindowPos
MapDialogRect
LoadAcceleratorsA
LoadMenuA
DestroyMenu
CheckDlgButton
IsWindow
CheckRadioButton
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
SendDlgItemMessageA
SetDlgItemInt
SetDlgItemTextA
IsDlgButtonChecked
ScrollWindowEx
IsDialogMessageA
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
GetDlgCtrlID
SetWindowLongA
MoveWindow
ShowWindow
SetFocus
GetFocus
PostMessageA
DragDetect
GetMenu
SetMenu
DrawMenuBar
GetSystemMenu
HiliteMenuItem
IsIconic
IsZoomed
ArrangeIconicWindows

gdi32

RectInRegion
CreateICA
GetBrushOrgEx
SetBrushOrgEx
EnumObjects
GetNearestColor
RealizePalette
UpdateColors
GetBkColor
GetBkMode
GetPolyFillMode
GetROP2
GetStretchBltMode
GetTextColor
GetMapMode
GetGraphicsMode
GetWorldTransform
GetViewportOrgEx
GetViewportExtEx
GetWindowOrgEx
GetWindowExtEx
DPtoLP
LPtoDP
FillRgn
FrameRgn
InvertRgn
PaintRgn
PtVisible
RectVisible
GetCurrentPositionEx
Arc
Polyline
Chord
Ellipse
Pie
Polygon
PolyPolygon
Rectangle
RoundRect
PatBlt
BitBlt
StretchBlt
GetPixel
SetPixel
FloodFill
ExtFloodFill
TextOutA
GetTextExtentPoint32A
GetTextAlign
GetTextFaceA
GetTextMetricsA
GetTextCharacterExtra
GetFontLanguageInfo
GetCharacterPlacementA
GetAspectRatioFilterEx
Escape
SetBoundsRect
GetBoundsRect
ResetDCA
GetOutlineTextMetricsA
GetCharABCWidthsA
GetFontData
GetKerningPairsA
GetGlyphOutlineA
StartDocA
StartPage
EndPage
SetAbortProc
AbortDoc
EndDoc
MaskBlt
PlgBlt
OffsetRgn
AngleArc
GetArcDirection
PolyPolyline
GetColorAdjustment
PtInRegion
PolyBezier
DrawEscape
ExtEscape
GetCharABCWidthsFloatA
GetCharWidthFloatA
AbortPath
BeginPath
CloseFigure
EndPath
FillPath
FlattenPath
GetMiterLimit
GetPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
GdiComment
PlayEnhMetaFile
SaveDC
RestoreDC
SelectPalette
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
ExcludeClipRect
IntersectClipRect
OffsetClipRgn
MoveToEx
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
GetClipRgn
SelectClipPath
ExtSelectClipRgn
PlayMetaFileRecord
EnumMetaFile
PlayMetaFile
EnumFontFamiliesExA
DeleteMetaFile
EqualRgn
CombineRgn
SetRectRgn
GetRegionData
ExtCreateRegion
PathToRegion
CreateRoundRectRgn
CreatePolyPolygonRgn
CreatePolygonRgn
CreateEllipticRgnIndirect
CreateEllipticRgn
SetPaletteEntries
CreateRectRgnIndirect
CreateRectRgn
ResizePalette
GetCurrentObject
GetRgnBox
CreateBrushIndirect
CreateHatchBrush
CreateSolidBrush
ExtCreatePen
GetNearestPaletteIndex
SetPixelV
CreatePatternBrush
GetPaletteEntries
CreateHalftonePalette
CreatePalette
CreateDiscardableBitmap
GetBitmapDimensionEx
SetBitmapDimensionEx
GetBitmapBits
CreatePenIndirect
CreatePen
UnrealizeObject
GetStockObject
GetObjectType
CreateFontA
GetCharWidthA
DeleteObject
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
StretchDIBits
DeleteDC
GetDeviceCaps
CreateDCA
CopyMetaFileA
GetObjectA
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
ExtTextOutA
CloseEnhMetaFile
CreateEnhMetaFileA
CloseMetaFile
CreateMetaFileA
CreateDIBPatternBrushPt
CreateFontIndirectA
CreateBitmapIndirect
SetBitmapBits
AnimatePalette

comdlg32

GetFileTitleA

winspool.drv

GetJobA
OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

SetThreadToken
OpenThreadToken
RegCreateKeyA
GetFileSecurityA
SetFileSecurityA
RegSetValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueA
RegDeleteKeyA
RegDeleteValueA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RevertToSelf

shell32

DragFinish
DragQueryFileA
SHGetFileInfoA
ExtractIconA
DragAcceptFiles

comctl32

InitCommonControlsEx

shlwapi

PathRemoveExtensionA
PathFindFileNameA
PathIsUNCA
PathFindExtensionA
PathStripToRootA

oledlg

ord3
ord7
ord6
ord5
ord9
ord4
ord8

ole32

GetHGlobalFromILockBytes
OleGetIconOfClass
WriteClassStm
OleSaveToStream
OleIsRunning
GetRunningObjectTable
CoLockObjectExternal
CoGetMalloc
StgCreateDocfile
StgOpenStorage
StgIsStorageFile
CreateOleAdviseHolder
CreateDataAdviseHolder
OleGetClipboard
OleQueryCreateFromData
OleQueryLinkFromData
OleSetMenuDescriptor
DoDragDrop
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
OleLockRunning
CreateStreamOnHGlobal
OleRun
GetClassFile
CreateFileMoniker
CreateGenericComposite
CreateItemMoniker
CoCreateInstance
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
StgIsStorageILockBytes
OleTranslateAccelerator
OleLoad
OleRegEnumVerbs
CoDisconnectObject
StringFromGUID2
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
OleFlushClipboard
OleSetClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterClassObject
CoGetClassObject
CoRegisterMessageFilter
ReleaseStgMedium
CoTaskMemAlloc
CoTreatAsClass
StringFromCLSID
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateBindCtx
OleDuplicateData
CLSIDFromString
CLSIDFromProgID
CoFreeUnusedLibraries
OleUninitialize
OleInitialize
IsAccelerator
OleSave
OleCreate
OleCreateLinkToFile
CoUnmarshalInterface
CoMarshalInterface
CoReleaseMarshalData
OleCreateFromFile
OleRegGetMiscStatus
OleCreateStaticFromData

oleaut32

SystemTimeToVariantTime
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
SysStringLen
SysAllocStringByteLen
SysStringByteLen
OleCreateFontIndirect
SafeArrayDestroy
SysAllocString
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayRedim
SafeArrayCreate
VariantCopy
SysReAllocStringLen
VarCyFromStr
VarBstrFromCy
SafeArrayCopy
SafeArrayAllocData
SafeArrayAllocDescriptor
SafeArrayGetElement
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayLock
SafeArrayUnlock
SafeArrayDestroyData
SafeArrayDestroyDescriptor
VarBstrFromDec
VarDecFromStr
VarDateFromStr
VarBstrFromDate
LoadTypeLi
DosDateTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VarDateFromUdate
VariantInit

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 933KB - Virtual size: 932KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 46.3MB - Virtual size: 46.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

d6de73949683c8b653dcfadeaaf88cb7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 933KB - Virtual size: 932KB

.data Size: 21KB - Virtual size: 46KB

.pdata Size: 101KB - Virtual size: 100KB

.rsrc Size: 46.3MB - Virtual size: 46.3MB

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 933KB - Virtual size: 932KB

.data
Size: 21KB - Virtual size: 46KB

.pdata
Size: 101KB - Virtual size: 100KB

.rsrc
Size: 46.3MB - Virtual size: 46.3MB