e4764a7594668f222b75f5e8f50d60bc[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

e4764a7594668f222b75f5e8f50d60bc.bin
Size

53KB
MD5

937bddffabbf56b365bb1996356835cb
SHA1

49c7cfb96c0ad1203bd8c4cfcf908b13091fad76
SHA256

322282df53b6db73ea59dc40402d6fe003730a9a90ef0651406a73edd22ab0de
SHA512

9e3cfdc97c111d8dc0208f7ff4dd1f708896397a6bd66819ed5006a7c31f04fec2d09b5ee80598cd28f76369c815b5146df0d2b3e43097ae90cd3da23235c848
SSDEEP

1536:imIqGD31WHC+M0cBhaPefo9vJOxU/hnbbtTCS:im+DkHcrmvhbbtTl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/34490ea4c1b5e274d6d4e8b14c2edf01c6c0746613c24d14a3df192de00a3883.exe

Files

e4764a7594668f222b75f5e8f50d60bc.bin
.zip

Password: infected
34490ea4c1b5e274d6d4e8b14c2edf01c6c0746613c24d14a3df192de00a3883.exe
.exe windows x86

Password: infected

1a18b668284dbadcaf9f6749815ce74e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_controlfp
_strdup
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memcmp
fseek
mbstowcs
wcslen
??2@YAPAXI@Z
time
tolower
fflush
_vsnprintf
fwrite
strtok
strchr
strcpy
strncmp
fgets
strtoul
fprintf
remove
printf
_splitpath
strstr
__p___argc
__p___argv
atoi
fopen
realloc
fread
fclose
srand
sscanf
strncpy
strrchr
strncat
_access
rand
strcmp
sprintf
strcat
wcscat
_snprintf
_ftol
free
malloc
memset
memcpy
strlen

ws2_32

inet_addr
WSACleanup
socket
setsockopt
ioctlsocket
bind
listen
select
__WSAFDIsSet
closesocket
WSAStartup
connect
send
recv
htons
accept

kernel32

FindFirstFileA
GetStartupInfoA
GenerateConsoleCtrlEvent
WaitForMultipleObjects
GetLogicalDrives
TerminateProcess
FileTimeToLocalFileTime
FindNextFileA
FindClose
ExpandEnvironmentStringsA
GetFileTime
SetFileTime
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GlobalLock
GlobalUnlock
FormatMessageA
SetConsoleCtrlHandler
GetLocalTime
GetFileSize
SetFilePointer
ReadFile
TerminateThread
GetTempPathA
MoveFileA
CreateMutexA
WaitForSingleObject
ExitProcess
GetSystemDirectoryA
GetFileAttributesA
SetFileAttributesA
GetCurrentProcessId
OpenProcess
CreateProcessA
DeleteFileA
GetVersionExA
GetLocaleInfoA
GetComputerNameA
GetModuleHandleA
GetProcAddress
LoadLibraryA
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
GetTickCount
EnterCriticalSection
LeaveCriticalSection
ExitThread
GetModuleFileNameA
CreateThread
WideCharToMultiByte
CopyFileA
GetLastError
CreateFileA
TransactNamedPipe
WriteFile
CloseHandle
MultiByteToWideChar
Sleep
GetExitCodeProcess
PeekNamedPipe
DuplicateHandle
GetCurrentProcess
CreatePipe
GetTimeFormatA
GetDateFormatA
FileTimeToSystemTime
GlobalMemoryStatus

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

1a18b668284dbadcaf9f6749815ce74e

Headers

File Characteristics

Imports

msvcrt

ws2_32

kernel32

Sections

.text Size: 73KB - Virtual size: 73KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 36KB - Virtual size: 340KB

.text
Size: 73KB - Virtual size: 73KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 36KB - Virtual size: 340KB