1d4ab49469b205169a13d69458e153a9[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

1d4ab49469b205169a13d69458e153a9.bin
Size

1.2MB
MD5

1d4ab49469b205169a13d69458e153a9
SHA1

c21a43fe97c55f94b208f38c4a7949e6660fcd04
SHA256

61b4b75ba513fc42db03c860f23591975be51811b9b447d841b6dd60919eb79b
SHA512

a8fa9cf17f38f5bceb21cfb9abb25c657171f7575e882c3ef6b9e66d61819c4dd18b8c998a450d7e4762e78f50006a045bc76668761c07884dbf1f8fcc63162d
SSDEEP

12288:nrUnqV4LSv3NGNVkxs8qCvJfmiLtvphVXnXrXTwyk0MkF092:lqLCN+98XvJeiL3hVXnXrXTwx1kFe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d4ab49469b205169a13d69458e153a9.bin

Files

1d4ab49469b205169a13d69458e153a9.bin
.exe windows x64

746e8d57cec13a5061735caa16e0a6eb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

memmove
memset
memcpy
__iob_func
fprintf
exit
strerror
strlen
fflush
fwrite
_get_osfhandle
atexit
setbuf
memcmp
qsort
wcslen
_snprintf
sscanf
strftime
_wgetenv
_putenv
_close
_write
_read
_wopen
_errno
_fdopen
_fseeki64
feof
_wfreopen
fread
ferror
fputs
getc
ftell
fclose
fseek
rewind
_chsize_s
_wstat64
_wrename
_wfopen
_fileno
_wpopen
_pclose
_wsystem
_waccess
_wremove
_wchdir
_wgetcwd
_chmod
_execvp
_execve
_getpid
signal
_gmtime64
_localtime64
_time64
_utime64
_stat64
getenv
_strtoui64
atol
atoi
malloc
free
_setjmp
_beginthreadex
_endthreadex
_vsnprintf
vfprintf
strchr
strstr
longjmp
__argc
__wargv
_wenviron
_XcptFilter
__set_app_type
_controlfp
__wgetmainargs

kernel32

SetConsoleOutputCP
GetConsoleMode
GetConsoleOutputCP
GetStdHandle
SetConsoleMode
AddVectoredExceptionHandler
GetLastError
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
FileTimeToSystemTime
Sleep
LoadLibraryW
FreeLibrary
GetProcAddress
IsDebuggerPresent
GetEnvironmentStringsW
FreeEnvironmentStringsW
CopyFileW
RemoveDirectoryW
ReadConsoleW
ReadFile
GetModuleFileNameW
GetFileAttributesW
CreateFileW
GetFinalPathNameByHandleW
CloseHandle
GetFullPathNameW
FindFirstFileW
FindClose
FindNextFileW
CreateDirectoryW
CreatePipe
SetHandleInformation
ExpandEnvironmentStringsW
CreateProcessW
WaitForSingleObject
GetExitCodeProcess
CreateSymbolicLinkW
CreateHardLinkW
GetComputerNameW
GetLongPathNameW
GetModuleHandleA
TerminateProcess
GenerateConsoleCtrlEvent
PeekNamedPipe
EnterCriticalSection
LeaveCriticalSection
DebugBreak
InitializeCriticalSection
DeleteCriticalSection
GetEnvironmentVariableA
GetModuleFileNameA
CreateFileA
SetFilePointer
WriteFile
GetSystemInfo
VirtualQuery
VirtualAlloc
VirtualFree
GlobalAlloc
GlobalFree
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetCurrentThreadId
GetExitCodeThread
SuspendThread
GetThreadContext
ResumeThread
SetLastError
CreateThread
ExitThread
SetUnhandledExceptionFilter

advapi32

GetUserNameW

user32

MessageBoxA

Exports

Exports

__bt_init
tcc_backtrace

Sections

.text
Size: 753KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.stab
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.stabstr
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

746e8d57cec13a5061735caa16e0a6eb

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

user32

Exports

Exports

Sections

.text Size: 753KB - Virtual size: 752KB

.data Size: 39KB - Virtual size: 229KB

.pdata Size: 20KB - Virtual size: 19KB

.rdata Size: 8KB - Virtual size: 7KB

.stab Size: 327KB - Virtual size: 326KB

.stabstr Size: 99KB - Virtual size: 98KB

.text
Size: 753KB - Virtual size: 752KB

.data
Size: 39KB - Virtual size: 229KB

.pdata
Size: 20KB - Virtual size: 19KB

.rdata
Size: 8KB - Virtual size: 7KB

.stab
Size: 327KB - Virtual size: 326KB

.stabstr
Size: 99KB - Virtual size: 98KB