6b1ba532bbd0e06814e70daae3438804[.]bin

General

Target

6b1ba532bbd0e06814e70daae3438804.bin
Size

2.6MB
MD5

848f16ff7ec8faf959a0743957139819
SHA1

bd6a600d59dad5c555b6c97ba4bc99aab59b3aae
SHA256

92428e406ff82aef4912f0d84752053ce69e2303769a9e1cdccb804c6998a945
SHA512

fa8afd2aa4b306c87593a76e9b44ff53686f293309e835dcee61c89363c9b026be49a5c21dd9103909c95fd163913702819fe19d731f157571e8f82810ca44cc
SSDEEP

49152:3kjgy1pXoOyJgS/dwLq3O61NnuSGhk6YYX9qvs5iW30m2OwIL0ndgwGHYrdEd:3k1pYObS/H1NnuSG60531VwoXmEd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9d611670d5a5aa621e0e5f07e07b4ae0065a6a0e2aa7d4b370cd65fc03d1b36b.exe

Files

6b1ba532bbd0e06814e70daae3438804.bin
.zip

Password: infected
9d611670d5a5aa621e0e5f07e07b4ae0065a6a0e2aa7d4b370cd65fc03d1b36b.exe
.exe windows x86

Password: infected

d0e9a9842af23a2d59961265f1d86648

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

UpdateWindow
InvalidateRect
GetWindowTextLengthW
GetWindowTextW
SendMessageA
CreateWindowExW
RegisterClassExW
PeekMessageA
DispatchMessageA
TranslateMessage
LoadCursorW
LoadIconW
BeginPaint
ReleaseDC
GetDC
EndPaint
MoveWindow
DestroyWindow
ShowWindow
IsZoomed
IsIconic
IsWindowVisible
IsDialogMessageW

ole32

CoGetObjectContext
CoGetApartmentType

gdi32

DeleteObject
CreateCompatibleDC
DeleteDC
SelectObject
LineTo
CreateSolidBrush
CreatePen

kernel32

GetLastError
SetLastError
DecodePointer
EncodePointer
GetCurrentProcess
CompareStringEx
WideCharToMultiByte
MultiByteToWideChar
TlsAlloc
TlsSetValue
TlsGetValue
TlsFree
ExitProcess
CloseHandle
ReadConsoleW
GetStdHandle
WriteConsoleW
GetConsoleMode
HeapFree
HeapReAlloc
HeapAlloc
HeapSize
IsBadReadPtr
IsValidCodePage
IsValidLocale

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 672KB - Virtual size: 672KB

IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

d0e9a9842af23a2d59961265f1d86648

Headers

DLL Characteristics

File Characteristics

Imports

user32

ole32

gdi32

kernel32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 672KB - Virtual size: 672KB

.data Size: 1024B - Virtual size: 1024B

.idata Size: 1KB - Virtual size: 4KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 672KB - Virtual size: 672KB

.data
Size: 1024B - Virtual size: 1024B

.idata
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 512B - Virtual size: 4KB