152206e47cb4d68fd039b4f543607e96[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

152206e47cb4d68fd039b4f543607e96.bin
Size

7.4MB
MD5

b8e6e22d68e2421fa6ed87aea185a541
SHA1

b3858bb6e069fbe2d16c2629bd13d90b63a62359
SHA256

6cb744f6a0589b82794e5f57a446f856c72ffe37efc67b38305c64f98472ee0e
SHA512

3bd3ab18dd3f8ee43f75fedaa2746d173d21766da3ff317d8aa298dc8ae235092be2e9bf9d74b6a8189d2187fdad5e6ad6b1338d9d7161d8049a4e399aa55091
SSDEEP

196608:Hy+ejyof7NBAN+x/P6v4yxtT3tbScJKS9olAq4Vt:yNfBBA07yjT9ucR9olAq4r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c7db5b424233ae4fdc25bf4c17349b1dc61d85bfd8b9d2d539f1f9ba703a7401.exe

Files

152206e47cb4d68fd039b4f543607e96.bin
.zip .ps1

Password: infected
c7db5b424233ae4fdc25bf4c17349b1dc61d85bfd8b9d2d539f1f9ba703a7401.exe
.exe windows x86

Password: infected

e51ee40ae0ed0decdf850b45dd7e4ce6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegQueryInfoKeyA
RegSetValueExA
RegCreateKeyExA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
lstrlenA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
GetModuleFileNameA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
ExpandEnvironmentStringsA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
CompareStringA
GetVersion
GetModuleHandleW
FreeResource
LockResource
LoadResource
SizeofResource
CloseHandle
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
SetCurrentDirectoryA
GetTempFileNameA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
ExitProcess
LoadLibraryExA
GetVersionExA
GetExitCodeProcess
GetProcAddress
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
FindResourceA
LoadLibraryA
FreeLibrary
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
RtlUnwind
SetUnhandledExceptionFilter
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
EnumResourceLanguagesA
MulDiv
GetDiskFreeSpaceA
WaitForSingleObject

gdi32

GetDeviceCaps

user32

SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
GetDC
ReleaseDC
SetWindowPos
SendMessageA
PeekMessageA
MsgWaitForMultipleObjects
DispatchMessageA
CallWindowProcA
GetWindowLongA
SetWindowLongA
CharPrevA
CharUpperA
CharNextA
ExitWindowsEx
EndDialog
GetDesktopWindow
LoadStringA
SetDlgItemTextA
MessageBeep
GetWindowRect
GetSystemMetrics

msvcrt

_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_amsg_exit
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
__getmainargs
memcpy
memset
_vsnprintf

comctl32

ord17

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

e51ee40ae0ed0decdf850b45dd7e4ce6

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

comctl32

version

Sections

.text Size: 43KB - Virtual size: 42KB

.data Size: 1KB - Virtual size: 8KB

.rsrc Size: 7.4MB - Virtual size: 7.4MB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 43KB - Virtual size: 42KB

.data
Size: 1KB - Virtual size: 8KB

.rsrc
Size: 7.4MB - Virtual size: 7.4MB

.reloc
Size: 3KB - Virtual size: 3KB