685df293da4b199319745ec4387a3792[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

685df293da4b199319745ec4387a3792.bin
Size

159KB
MD5

bbc84f717ba81a6bd5cb66c0c75b3e7d
SHA1

e89fa69eb60485ea883176b73c525072900fc07a
SHA256

008982902785153fb701b14ff2101764dce9af00285a4ca816d281c451873e8d
SHA512

e50f23899385f9860a98f08c63f7507240e98802cf3b7b947cebcbff98b84e096475fc8670d371f9a1fa083ba9d4b2118947f77c6d5532f143d890610a71c889
SSDEEP

3072:GRphJN7rYZb3uKw6nNC7irbHcbDskpKMPvHsa70lX/aCbbCvsiwlHM8:OhzwJtwsXUbDxPvHs80pSIb2sm8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3102bba137f72b152994850183b472b718017c991a370b663ddb7b51e91afbb9.exe

Files

685df293da4b199319745ec4387a3792.bin
.zip

Password: infected
3102bba137f72b152994850183b472b718017c991a370b663ddb7b51e91afbb9.exe
.exe windows:5 windows x86

Password: infected

af52538c49e68cf6a3fee4a7384c59a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDateFormatW
FillConsoleOutputCharacterA
EnumResourceNamesW
SetVolumeLabelA
EndUpdateResourceW
GetConsoleAliasA
WritePrivateProfileSectionA
GetSystemWindowsDirectoryW
InterlockedCompareExchange
SetComputerNameW
AddConsoleAliasW
SetVolumeMountPointW
_lclose
MoveFileWithProgressA
GetTickCount
GetNumberFormatA
CreateActCtxW
SetProcessPriorityBoost
GetVolumeInformationA
GlobalFindAtomA
LoadLibraryW
TerminateThread
ReadConsoleInputA
SizeofResource
GetFileAttributesA
TransactNamedPipe
FindNextVolumeW
CreateSemaphoreA
FileTimeToSystemTime
GetCompressedFileSizeA
GetACP
SetLastError
ReadConsoleOutputCharacterA
GetProcAddress
VirtualAlloc
PeekConsoleInputW
RemoveDirectoryA
EnumSystemCodePagesW
_hwrite
InterlockedExchangeAdd
LocalAlloc
GetFileType
CreateHardLinkW
AddAtomW
BeginUpdateResourceA
GetCommMask
FoldStringW
FindNextFileA
FreeEnvironmentStringsW
VirtualProtect
TerminateJobObject
GetWindowsDirectoryW
GetCurrentProcessId
OpenFileMappingA
LocalFree
GetProcessHeap
SetEndOfFile
GetLocaleInfoA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
MultiByteToWideChar
GetModuleHandleW
Sleep
ExitProcess
GetCommandLineA
GetStartupInfoA
GetLastError
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
HeapAlloc
HeapFree
RaiseException
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapSize
RtlUnwind
ReadFile
GetCPInfo
GetOEMCP
IsValidCodePage
SetHandleCount
SetFilePointer
LoadLibraryA
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsA
GetEnvironmentStrings
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
GetModuleHandleA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CloseHandle
CreateFileA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

GetWindowTextLengthW
CharUpperBuffW
LoadBitmapA
LoadMenuA
LoadMenuW
SetMenu
CharToOemBuffW
ChangeDisplaySettingsA
GetMessagePos

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

af52538c49e68cf6a3fee4a7384c59a3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 166KB - Virtual size: 165KB

.data Size: 7KB - Virtual size: 1.5MB

.rsrc Size: 41KB - Virtual size: 540KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 166KB - Virtual size: 165KB

.data
Size: 7KB - Virtual size: 1.5MB

.rsrc
Size: 41KB - Virtual size: 540KB

.reloc
Size: 10KB - Virtual size: 10KB