Static task
static1
Behavioral task
behavioral1
Sample
bindconfig.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
bindconfig.exe
Resource
win10v2004-20231023-en
General
Target
bindconfig.exe
Size
11KB
MD5
368de28d7abfbd248b4789c1541a4709
SHA1
5c8ffd40536489e0158eff61018812a03c009300
SHA256
e650eda2c5dc53b222d33378a45d3c8d880f682639691bda304fea51cd059369
SHA512
bc95759ff3b2d5cd02c00a07eedc3b91f2713386b0557fc8dfc1d2c015d8dd792e186e95f772b3fb1a234e6cf17ad332caa7cb9403e33f710a5a20a2d7e484cb
SSDEEP
192:XbtI8bQnYzrFD3KMeKw9uRG9ajTFsq4nZyao/dJEQ8oHAbIb/ibIL:WHnShLKP9uRzPSqRaydx82tWbg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bindconfig.exe
Files
bindconfig.exe.exe windows:6 windows x86
d1d213c354d6a937808bec40e9d0f282
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_initterm
_amsg_exit
__setusermatherr
__p__commode
__p__fmode
__set_app_type
?terminate@@YAXXZ
_controlfp
_cexit
_XcptFilter
__getmainargs
_exit
exit
mbstowcs
printf
ole32
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoInitializeEx
shlwapi
StrCmpLogicalW
kernel32
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetCurrentProcessId
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 728B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ