2f60eab19db43c6a3a0fc98ca784a6a8[.]bin

General

Target

2f60eab19db43c6a3a0fc98ca784a6a8.bin
Size

11KB
MD5

0e21904937c7e4d82394b10b63a23010
SHA1

dd779325b5dfcdd6af1a473351486ebc70dd6884
SHA256

e49aa67c48b8df11f735adaa06af924f1f910b558a3f52db7e8b513766d29feb
SHA512

cac9ac05e5e96853c9067d0ebdaa885840d6139c5c51cffa668e965130448251099a920342d695bab740eca9fdfb8f80fc392764b4f1caf242579a80131a2e01
SSDEEP

192:1+6zVB6qMWDAwE/YGf8PDm0rJ4IagEcTSpM9xTlSpvl6XoTlB/Si:1jBsg+/MS0bag3BRlCli3i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b4bf3e5d5e85ff314abf8acc1f3150bed6e9d9da7814a1166a9ecfd858e8fd99.exe

Files

2f60eab19db43c6a3a0fc98ca784a6a8.bin
.zip .ps1

Password: infected
b4bf3e5d5e85ff314abf8acc1f3150bed6e9d9da7814a1166a9ecfd858e8fd99.exe
.exe windows:5 windows x86

Password: infected

43fb8184229f053b2b9a573a33981d5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcr90

_except_handler4_common
_decode_pointer
_controlfp_s
_crt_debugger_hook
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
__set_app_type
_encode_pointer
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
__initenv
exit
_XcptFilter
_exit
_cexit
__getmainargs
_amsg_exit
_strdup
realloc
bsearch
qsort
memset
memcpy
_stricmp
setbuf
getenv
atoi
malloc
free
_snprintf
strncmp
strrchr
fprintf
__iob_func
_invoke_watson
strncpy

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
HeapAlloc
IsBadReadPtr
SetLastError
GetProcessHeap
HeapFree
VirtualFree
VirtualProtect
VirtualAlloc
FreeLibrary
GetModuleHandleA
OutputDebugStringA
GetFullPathNameA
LoadLibraryA
GetProcAddress
UnmapViewOfFile
CreateFileA
GetFileSize
CreateFileMappingA
CloseHandle
MapViewOfFile
FindResourceA
LoadResource
LockResource
GetModuleFileNameA
GetLastError
FormatMessageA
LocalFree
IsDebuggerPresent

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

43fb8184229f053b2b9a573a33981d5d

Headers

DLL Characteristics

File Characteristics

Imports

msvcr90

kernel32

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 3KB - Virtual size: 5KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 9KB - Virtual size: 8KB