c4d2cf79f511e2e32babcc981ddf09af[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

c4d2cf79f511e2e32babcc981ddf09af.bin
Size

155KB
MD5

cb10ce0ccc4a33713751b3bf2c7be950
SHA1

a1b63f9fe415713500762ded4f8283e2b5f60a8f
SHA256

28db9ac6a45e3ce3e718017fa91cf49e2aded0f38fbe27663f0f05eb37eeed05
SHA512

effb7784ac221835a39e0ee0b0d378ea5fc5e8dc11e3d1806e0531e38c1c9ebbf3eaadc5807a4355f99181b29d1dddc608321b551f910b67acc983f69ae88f52
SSDEEP

3072:paKbTrQkhSw1mgnKFbQU+hBnFo+mIe2e+FwUQPywE2+6w0Hbcd:p9HrnSZ6CsDQ2x6Pux

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/303cfe01cf0a8b0815b0e91080e6cb8d3a1b3e8052a969449bd9008decd8fcd4.exe

Files

c4d2cf79f511e2e32babcc981ddf09af.bin
.zip

Password: infected
303cfe01cf0a8b0815b0e91080e6cb8d3a1b3e8052a969449bd9008decd8fcd4.exe
.exe windows x86

Password: infected

5a013624489e6703ae44eba8e360cecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
SetLocaleInfoA
EnumCalendarInfoA
GetStringTypeA
GetProfileIntW
GetSystemWindowsDirectoryW
GetComputerNameW
CreateHardLinkA
LockFile
GetTickCount
GetConsoleAliasesA
GetWindowsDirectoryA
GetDateFormatA
FindResourceExA
ReadConsoleInputA
_hread
GetVersionExW
FindNextVolumeW
Beep
VerifyVersionInfoA
GetVolumePathNameA
ReplaceFileA
FlushFileBuffers
SetCurrentDirectoryA
CreateMutexW
OpenMutexW
GetLastError
SetLastError
lstrcmpiA
GetProcAddress
GetLongPathNameA
BeginUpdateResourceW
EnumDateFormatsExA
HeapUnlock
CopyFileA
EnumSystemCodePagesW
LoadLibraryA
LocalAlloc
SetProcessWorkingSetSize
GetModuleHandleA
CreateMutexA
VirtualProtect
FileTimeToLocalFileTime
lstrcpyA
CloseHandle
CreateFileA
WriteConsoleW
GetConsoleOutputCP
FindFirstFileA
GetDateFormatW
InterlockedIncrement
InterlockedDecrement
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
RtlUnwind
RaiseException
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
HeapAlloc
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
WriteFile
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
VirtualAlloc
HeapReAlloc
GetLocaleInfoA
GetStringTypeW
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA

user32

CharUpperBuffW
GetMenuBarInfo
CharLowerBuffW
DdeQueryStringW
GetClipboardOwner
CharToOemBuffA

advapi32

LogonUserW

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

5a013624489e6703ae44eba8e360cecd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 152KB - Virtual size: 151KB

.data Size: 7KB - Virtual size: 260KB

.rsrc Size: 71KB - Virtual size: 71KB

.reloc Size: 8KB - Virtual size: 7KB

.text
Size: 152KB - Virtual size: 151KB

.data
Size: 7KB - Virtual size: 260KB

.rsrc
Size: 71KB - Virtual size: 71KB

.reloc
Size: 8KB - Virtual size: 7KB