436c7dbf99a38aa791b2316c16d0249b[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

436c7dbf99a38aa791b2316c16d0249b.bin
Size

235KB
MD5

754e44be07c64637b00f03f5548545f4
SHA1

8318a1b3ea475932fd23d9ecb6004a90a18822dd
SHA256

e915ab5e400557af455e7a1af5dfe6a35eef4c4f7dd967ee82724a077f07d463
SHA512

f81c832c5978a3403d8c6d39a7089aa68e16cb47928991fa88df2c8b24284507c3ce756515127de60aa1ded930b159ea861238bb3d330a76545fb02c30f59327
SSDEEP

6144:j8/5IEy1rH3hZxmJKOmvA3V0vDpY1UK15onAEfvcQbo:Y/5Lyl3hcB6A391U4onJPbo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9133ec162eeb4d237c259dafb5722ece057f88a972115299b8280fb0493a30ac.exe

Files

436c7dbf99a38aa791b2316c16d0249b.bin
.zip

Password: infected
9133ec162eeb4d237c259dafb5722ece057f88a972115299b8280fb0493a30ac.exe
.exe windows:5 windows x86

Password: infected

e152f6e328695c7be0e02666bddd99cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveVectoredExceptionHandler
FindFirstFileW
FindFirstChangeNotificationW
WriteConsoleInputW
GetModuleHandleExA
GetConsoleAliasExesA
AllocConsole
DebugActiveProcessStop
WriteConsoleOutputCharacterA
MapUserPhysicalPages
GetConsoleAliasA
QueryDosDeviceA
WriteConsoleInputA
AddConsoleAliasW
GetNumaAvailableMemoryNode
OpenSemaphoreA
GetSystemDefaultLCID
MoveFileWithProgressA
GenerateConsoleCtrlEvent
FindNextVolumeMountPointA
GetConsoleAliasesA
ReadConsoleW
GetWindowsDirectoryA
GetCompressedFileSizeW
WaitNamedPipeW
SetCommState
GetDriveTypeA
GetEnvironmentStrings
GlobalAlloc
AddRefActCtx
GetVolumeInformationA
LoadLibraryW
SetCommConfig
CopyFileW
_hread
CreateEventA
GetExitCodeProcess
TransactNamedPipe
EnumSystemCodePagesA
GetFileAttributesW
SetDefaultCommConfigA
lstrcatA
lstrlenW
FindNextVolumeMountPointW
GetStartupInfoW
ReplaceFileA
GetTempPathW
GetShortPathNameA
GetNamedPipeHandleStateW
GetStartupInfoA
GetLastError
SetLastError
ReadConsoleOutputCharacterA
CreateConsoleScreenBuffer
WriteProfileSectionA
RemoveDirectoryA
SetStdHandle
VerLanguageNameW
OpenWaitableTimerA
AddAtomW
FindAtomA
FoldStringW
SetConsoleCursorInfo
GetModuleHandleA
SetLocaleInfoW
FindNextFileW
VirtualProtect
GetCurrentDirectoryA
CompareStringA
GetFileTime
GetConsoleCursorInfo
QueryPerformanceFrequency
SetProcessShutdownParameters
GetVolumeNameForVolumeMountPointW
DeleteFileW
ResetWriteWatch
GetSystemTime
EnumSystemLocalesW
lstrcpyW
AreFileApisANSI
CloseHandle
HeapSize
SetTimeZoneInformation
GlobalFix
MoveFileA
HeapReAlloc
GetCommandLineW
HeapSetInformation
EncodePointer
DecodePointer
IsProcessorFeaturePresent
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
HeapCreate
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
Sleep
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FlushFileBuffers
WriteConsoleW
MultiByteToWideChar
LCMapStringW
GetStringTypeW
CreateFileW

user32

CharUpperW

advapi32

AbortSystemShutdownA

winhttp

WinHttpWriteData

Sections

.text
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

e152f6e328695c7be0e02666bddd99cf

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

winhttp

Sections

.text Size: 247KB - Virtual size: 247KB

.data Size: 8KB - Virtual size: 3.5MB

.rsrc Size: 53KB - Virtual size: 53KB

.text
Size: 247KB - Virtual size: 247KB

.data
Size: 8KB - Virtual size: 3.5MB

.rsrc
Size: 53KB - Virtual size: 53KB