Static task
static1
Behavioral task
behavioral1
Sample
a5476eed216a55fa35d1a0ed0b4be51ce8c376e12a44a8f74f1ee9b1e0a1e685.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
a5476eed216a55fa35d1a0ed0b4be51ce8c376e12a44a8f74f1ee9b1e0a1e685.exe
Resource
win10v2004-20230621-en
General
Target: 94f7dacd5b046eba244fceebe7b9a1dd.bin
Size: 134KB
MD5: 59b697d1df08ba65d1cbe0ac3ecc53f8
SHA1: 8c638128a72161eff41b7de214c5e5993ee729b4
SHA256: d7c4c727afb36f1ced4d4143731e20542a3d67d3cd443d3a1d2e28db79dc61e7
SHA512: f34c7d19701bf07b1343660655529e2786f6e51ad0714cbd9d3de3832585d5024f354476abdd0b9b72462184817538d8c22fe1bf3c57d860a23805f545176981
SSDEEP: 3072:jsyBuCSJDkWo8a7KRfi2YD02mI6Bn00uPLhDcTdmX1ihjJ3M1URbrsFlit:jsyBuCStk2aK+D02m3BluPtDOmuJWELt
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource unpack001/a5476eed216a55fa35d1a0ed0b4be51ce8c376e12a44a8f74f1ee9b1e0a1e685.exe
Files
94f7dacd5b046eba244fceebe7b9a1dd.bin.zip (Password: infected)
a5476eed216a55fa35d1a0ed0b4be51ce8c376e12a44a8f74f1ee9b1e0a1e685.exe.exe windows x86 (Password: infected)
a19128c77d60d2b394dfa78b2e70b342
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msi
ord217
ord173
credui
CredUIParseUserNameW
version
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW
kernel32
SetStdHandle
LoadLibraryA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
WriteConsoleA
GetConsoleCP
SetFilePointer
RtlUnwind
InitializeCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetConsoleOutputCP
GetCommandLineW
SetEnvironmentVariableW
GetCurrentProcess
GetProcAddress
Sleep
CloseHandle
GetLastError
CreateProcessW
GetShortPathNameW
GetModuleFileNameW
SearchPathW
GetComputerNameW
FormatMessageW
LoadLibraryW
LocalAlloc
LocalFree
GetModuleHandleW
WriteConsoleW
HeapSize
CreateFileA
FlushFileBuffers
GetConsoleMode
GetModuleFileNameA
GetStdHandle
WriteFile
ExitProcess
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
WideCharToMultiByte
LCMapStringA
HeapFree
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
MultiByteToWideChar
user32
CreateDialogParamW
DialogBoxIndirectParamW
InflateRect
GetSysColorBrush
SetCursor
DispatchMessageW
MessageBoxW
EnumWindows
SetDlgItemTextW
GetMessageW
TranslateMessage
PostQuitMessage
ChildWindowFromPoint
IsDialogMessageW
GetSysColor
RegisterClassExW
ShowWindow
LoadIconW
DefWindowProcW
InvalidateRect
SetWindowTextW
GetWindowThreadProcessId
SendMessageW
GetDlgItem
LoadCursorW
EndDialog
gdi32
SelectObject
GetStockObject
GetObjectW
SetTextColor
CreateFontIndirectW
StartPage
GetDeviceCaps
EndDoc
EndPage
StartDocW
SetMapMode
SetBkMode
comdlg32
PrintDlgW
advapi32
RegSetValueW
CreateProcessWithLogonW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegCreateKeyW
shell32
ShellExecuteW
CommandLineToArgvW
SHGetMalloc
SHGetDesktopFolder
ole32
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
Sections
.text Size: 48KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 24KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 104KB - Virtual size: 100KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE