0accf3955609238499bf6b47994b4e5e[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

0accf3955609238499bf6b47994b4e5e.bin
Size

126KB
MD5

e72bf9c0a440840dd591c0e24d4039f9
SHA1

f39ec640d326e1397acfef70fa53fbaca167107c
SHA256

f63f5898681daeef6d851c786937085bd06b3284bd528309e2afc9b7aaaf9ee7
SHA512

3a36d7aa7ca49a70111806e69f9a5bdf1f5fc6341c86df46f1813b54c39e67fafe50e03dfce469078ef8be04f83d6276746954095ab59b17a3fd15f9964b0e51
SSDEEP

3072:5z6pTdtLo5bfG28IqRYAo+T/bjZKuWXfzASVVBOD:5o1o5ryIqRY7+/bjZK2YCD

Score

1^/10

Malware Config

Signatures

Files

0accf3955609238499bf6b47994b4e5e.bin
.zip

Password: infected
5e1d5e8a9515f2eee1df200008a4740c47735a0566b5d085404de1c041ee82e4.exe
.exe windows x86

Password: infected

f553b8ac04465266a97d8a15318f0208

Code Sign

33:00:00:02:cb:b7:75:39:fb:02:71:42:36:00:00:00:00:02:cb
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:45

Not After

11/05/2023, 20:45

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

87:ec:10:db:fc:61:71:c3:b6:5e:76:1d:58:a0:33:42:73:d1:c0:c1:ed:84:81:43:ed:95:83:2f:bf:16:79:ba
Signer

Actual PE Digest

87:ec:10:db:fc:61:71:c3:b6:5e:76:1d:58:a0:33:42:73:d1:c0:c1:ed:84:81:43:ed:95:83:2f:bf:16:79:ba

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

23/03/2023, 16:07
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
GetModuleHandleA
FreeConsole
MultiByteToWideChar
GetProcAddress
GetCommandLineA
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

gdi32

CreateFontIndirectA
SelectObject
SetTextColor

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 258KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

f553b8ac04465266a97d8a15318f0208

Code Sign

33:00:00:02:cb:b7:75:39:fb:02:71:42:36:00:00:00:00:02:cbCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

87:ec:10:db:fc:61:71:c3:b6:5e:76:1d:58:a0:33:42:73:d1:c0:c1:ed:84:81:43:ed:95:83:2f:bf:16:79:baSigner

Signature Validations

Verification

23/03/2023, 16:07 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 46KB - Virtual size: 45KB

.rdata Size: 11KB - Virtual size: 10KB

.data Size: 258KB - Virtual size: 261KB

.rsrc Size: 2KB - Virtual size: 1KB

33:00:00:02:cb:b7:75:39:fb:02:71:42:36:00:00:00:00:02:cb
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

87:ec:10:db:fc:61:71:c3:b6:5e:76:1d:58:a0:33:42:73:d1:c0:c1:ed:84:81:43:ed:95:83:2f:bf:16:79:ba
Signer

23/03/2023, 16:07
Valid: false

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 11KB - Virtual size: 10KB

.data
Size: 258KB - Virtual size: 261KB

.rsrc
Size: 2KB - Virtual size: 1KB