79862d1e71e51ca677b035f3be29c062[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

79862d1e71e51ca677b035f3be29c062.bin
Size

144KB
MD5

36da78631bc6cc2dc6762575d3afdb9f
SHA1

c38e2a5e1dbd728e3840c62a1e52efba7e7acf16
SHA256

1a5324d0f52de2e2ed70ee8098c26f84d752d5db3838d6d9c1073313dfb4e244
SHA512

22322dabe8e7fb2d2743660b16f62a696ac55436f9e43db11c91741c82b02ff035f12c438d8503a1dfa775e9f3f464ec81890d0df54e13e58e2a63f8da8015d1
SSDEEP

1536:TdOzBSoctxu/L5rdqxIUuxW0JsuhqO0BjpWxMeZtHiiCt69EqNfJ1/Dh0Laysu2v:4pJdu2xWFivu3iC4Dn1/L+TJbdCfMM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c9ea3ac3016093a34f864a52b854e01d655be9f1848fc6de098c79a3d560fc19.exe

Files

79862d1e71e51ca677b035f3be29c062.bin
.zip

Password: infected
c9ea3ac3016093a34f864a52b854e01d655be9f1848fc6de098c79a3d560fc19.exe
.exe windows:5 windows x86

Password: infected

b9f69a119dfb935d85204ae1d9e63436

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetVolumeLabelA
CreateFileA
SearchPathW
GetConsoleAliasesLengthW
FindResourceW
UpdateResourceA
GlobalAddAtomA
GetConsoleAliasA
FreeEnvironmentStringsA
GetModuleHandleW
GetTickCount
GetConsoleAliasesA
GetWindowsDirectoryA
GetPriorityClass
GetVolumePathNameW
LoadLibraryW
ReadConsoleInputA
SizeofResource
GetSystemWindowsDirectoryA
GetConsoleAliasExesLengthW
DeleteVolumeMountPointW
EnumSystemCodePagesA
IsProcessorFeaturePresent
VerifyVersionInfoA
TerminateProcess
SetComputerNameExW
lstrcatA
GetConsoleAliasesW
FillConsoleOutputCharacterA
InterlockedFlushSList
SetLastError
GetProcAddress
VirtualAlloc
BackupWrite
CreateNamedPipeA
SetFileAttributesA
PrepareTape
OpenWaitableTimerA
InterlockedExchangeAdd
LocalAlloc
GetNumberFormatW
RemoveDirectoryW
SetConsoleWindowInfo
FoldStringW
FoldStringA
GlobalFindAtomW
QueryMemoryResourceNotification
FreeEnvironmentStringsW
VirtualProtect
PeekConsoleInputA
GetWindowsDirectoryW
GetCurrentProcessId
AddConsoleAliasA
GetLastError
CloseHandle
GetStartupInfoW
RaiseException
RtlUnwind
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
Sleep
HeapSize
ExitProcess
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
WriteFile
GetModuleFileNameA
GetModuleFileNameW
GetEnvironmentStringsW
GetCommandLineW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
InitializeCriticalSectionAndSpinCount
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
FlushFileBuffers
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

user32

CharToOemBuffA

gdi32

GetCharABCWidthsFloatA

winhttp

WinHttpWriteData

Sections

.text
Size: 138KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

b9f69a119dfb935d85204ae1d9e63436

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

winhttp

Sections

.text Size: 138KB - Virtual size: 138KB

.data Size: 16KB - Virtual size: 4.4MB

.rsrc Size: 67KB - Virtual size: 67KB

.reloc Size: 17KB - Virtual size: 17KB

.text
Size: 138KB - Virtual size: 138KB

.data
Size: 16KB - Virtual size: 4.4MB

.rsrc
Size: 67KB - Virtual size: 67KB

.reloc
Size: 17KB - Virtual size: 17KB