c4040c9572e25b68248895c75[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

c4040c9572e25b68248895c75.bin
Size

1.2MB
MD5

49a744c4fab659d05f2728c120e852ac
SHA1

766451c647593c5785ca77bfc9aa476ffd6c3b31
SHA256

67023e5eea41ad1c9c1309c6184a031934774c6434715e5def0bd6267d501bbe
SHA512

2d39f205ba6a821fa8ccb0cb71d0816997a59a8305936ee99ba7cf99abb7dfc005c59b3b566f299a22a9e13c1f054e2910d465a705b8103199296c73b1e4f99c
SSDEEP

24576:mPcYTGV4d65eSuYxvY+zB7RwEL/AJVGb0v5MKc8PC3OMxz1yPy8S2xCZF0O+oIz/:mzTVE5eatdzB7XL/A3zvcoC7jF83u+v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2daebd8dfaff129627b1e4b6f8dc3df6ffa6e48035fa2806bfad550d8980fdad.exe

Files

c4040c9572e25b68248895c75.bin
.zip

Password: infected
2daebd8dfaff129627b1e4b6f8dc3df6ffa6e48035fa2806bfad550d8980fdad.exe
.exe windows x86

9b8bc88ec2effd02d5a41d9eb86ed569

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

Rectangle
GetDCBrushColor
GetViewportExtEx

ole32

CoGetApartmentType
CoGetObjectContext

kernel32

CreateFileW
HeapSize
ReadConsoleW
GetModuleHandleA
FreeConsole
GetModuleHandleW
RaiseException
GetCurrentThreadId
IsProcessorFeaturePresent
GetLastError
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
MultiByteToWideChar
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceComplete
InitOnceBeginInitialize
GetStringTypeW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
TryAcquireSRWLockExclusive
WideCharToMultiByte
CloseHandle
WaitForSingleObjectEx
QueryPerformanceCounter
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetSystemTimeAsFileTime
GetProcAddress
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
SetStdHandle
RtlUnwind
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleFileNameW
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
WriteConsoleW

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.Sider
Size: 684KB - Virtual size: 684KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

9b8bc88ec2effd02d5a41d9eb86ed569

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

ole32

kernel32

Sections

.text Size: 164KB - Virtual size: 164KB

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 1.1MB - Virtual size: 1.1MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 9KB - Virtual size: 8KB

.Sider Size: 684KB - Virtual size: 684KB

.text
Size: 164KB - Virtual size: 164KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 1.1MB - Virtual size: 1.1MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 9KB - Virtual size: 8KB

.Sider
Size: 684KB - Virtual size: 684KB