f9969ef3805249fe3fd6f6ffdb0723b8[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

f9969ef3805249fe3fd6f6ffdb0723b8.bin
Size

127KB
MD5

60763b5a22e6ec0c535c88df4e4aa79b
SHA1

c5e484b29a2594abc1af69116bfac141bcb91382
SHA256

213e69165e71021916b2c7ddb354062a806235733680d99a808849956f42439e
SHA512

b7c69f31d24a6863feb4048310ea20965c21822d9de11a9e14818f289ece2b08389666b4c14b5342d4c2d8896e6fd03cf87d81b9ae37abb60a48b1a2524c4f8c
SSDEEP

3072:ip4pjzsvSb/keafi7PArPbRbaJQv9UOt6YT9/rXEQaJlVAK5:ThzsaoRi7PsaSvnTpXWJlVAK5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/51690da60d1c2bfe20e0e865240193bc3d9e2dbc3e5727de8891976b01b83fa0.exe

Files

f9969ef3805249fe3fd6f6ffdb0723b8.bin
.zip

Password: infected
51690da60d1c2bfe20e0e865240193bc3d9e2dbc3e5727de8891976b01b83fa0.exe
.exe windows:5 windows x86

Password: infected

f90e29ae4efabbc6b498b140aa3b7a65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetLocaleInfoA
WriteConsoleInputW
AllocConsole
GlobalCompact
WriteConsoleOutputCharacterA
MapUserPhysicalPages
ReadConsoleA
GetEnvironmentStringsW
GetModuleHandleExW
GetUserDefaultLCID
WriteConsoleInputA
AddConsoleAliasW
GetNumaAvailableMemoryNode
OpenSemaphoreA
SetCommBreak
SetTapeParameters
GenerateConsoleCtrlEvent
FindNextVolumeMountPointA
GetWindowsDirectoryA
GetCompressedFileSizeW
GetConsoleAliasExesW
WaitNamedPipeW
FindActCtxSectionStringA
SetCommState
GetDriveTypeA
AddRefActCtx
GetVolumeInformationA
LoadLibraryW
CopyFileW
_hread
CreateEventA
EnumSystemCodePagesA
GetConsoleAliasW
GetFileAttributesW
TerminateProcess
GetTimeZoneInformation
lstrlenW
FindNextVolumeMountPointW
GetStartupInfoW
ReplaceFileA
FindFirstChangeNotificationW
GetShortPathNameA
GetNamedPipeHandleStateW
EnumSystemLocalesA
GetConsoleAliasesW
GetStartupInfoA
FindFirstFileA
GetLastError
GetCurrentDirectoryW
SetLastError
CreateConsoleScreenBuffer
VerLanguageNameA
WriteProfileSectionA
RemoveDirectoryA
SetStdHandle
SearchPathA
FindClose
OpenWaitableTimerA
LocalAlloc
GlobalGetAtomNameW
FindAtomA
FoldStringW
GlobalFindAtomW
FindNextFileA
SetConsoleCursorInfo
GetModuleHandleA
FindNextFileW
VirtualProtect
CompareStringA
GetConsoleCursorInfo
QueryPerformanceFrequency
GetShortPathNameW
SetProcessShutdownParameters
MoveFileWithProgressW
AddConsoleAliasA
ResetWriteWatch
ReadConsoleOutputCharacterW
EnumSystemLocalesW
AreFileApisANSI
DeleteFileA
CreateFileW
HeapSize
RemoveVectoredExceptionHandler
GetTempPathW
GetVolumeNameForVolumeMountPointA
HeapReAlloc
GetCommandLineW
HeapSetInformation
DecodePointer
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EncodePointer
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
DeleteCriticalSection
HeapAlloc
SetFilePointer
HeapFree
HeapCreate
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetModuleFileNameW
FreeEnvironmentStringsW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
Sleep
RtlUnwind
FlushFileBuffers
WriteConsoleW
MultiByteToWideChar
LCMapStringW
GetStringTypeW
IsProcessorFeaturePresent
CloseHandle

user32

CharUpperA

gdi32

GetCharWidthFloatW

advapi32

AbortSystemShutdownW

winhttp

WinHttpWriteData

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

f90e29ae4efabbc6b498b140aa3b7a65

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

winhttp

Sections

.text Size: 121KB - Virtual size: 121KB

.data Size: 7KB - Virtual size: 3.5MB

.rsrc Size: 77KB - Virtual size: 76KB

.text
Size: 121KB - Virtual size: 121KB

.data
Size: 7KB - Virtual size: 3.5MB

.rsrc
Size: 77KB - Virtual size: 76KB