Static task: static1
Behavioral task: behavioral1
Sample: cf2c513cfc0810a9a2b62ad2166d9635d03945d98747869aad73488f35c62f81.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: cf2c513cfc0810a9a2b62ad2166d9635d03945d98747869aad73488f35c62f81.exe
Resource: win10v2004-20231215-en
General
Target: 88ac310a2e8d61f7bafd6c03755e121a.bin
Size: 95KB
MD5: 07dc12c2197611e803c9701fac6fa81f
SHA1: 28718d345d13167d0bc400a80a20cce0eef9b723
SHA256: c80803f241943da6384a8ea4728626a96b16e46b42b4b25968f0e3e4a99a0276
SHA512: fa88e363f87ed0d73afe72f6e6c8b9ef8825ef792dfc6dae1351ed31f1502281a03bfe849bfa2375be148ca06476e09c3bc438cfaf71ec0644a8c08e7590054a
SSDEEP: 1536:6zI6HxhmH6K5UID2WQpjwWHK0Tik4Vl1nv30kBTA3OEVJCWpKBveCd9+ezQTZKk:6U6RhmaKeWQpcWqYik4Vl1nfbTA3OWJN
Malware Config
Signatures
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
resource: unpack001/cf2c513cfc0810a9a2b62ad2166d9635d03945d98747869aad73488f35c62f81.exe
Files
88ac310a2e8d61f7bafd6c03755e121a.bin.zip (Password: infected)
cf2c513cfc0810a9a2b62ad2166d9635d03945d98747869aad73488f35c62f81.exe.exe windows:6 windows x86 arch:x86 (Password: infected)
487a8406e26ff2bbc79d17b6808bf18a
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
StrRChrA
kernel32
CreateFileW
OutputDebugStringW
EnumSystemCodePagesA
VirtualAlloc
GetTempPathW
FindNextFileW
WriteConsoleW
SetStdHandle
FindFirstFileW
FindClose
DeleteFileW
LoadLibraryExW
SetEndOfFile
ReadConsoleW
LeaveCriticalSection
HeapReAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameW
SetFilePointerEx
ReadFile
GetFileType
GetStdHandle
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
CloseHandle
GetProcessHeap
IsDebuggerPresent
GetCurrentThreadId
GetOEMCP
GetACP
IsValidCodePage
HeapSize
AreFileApisANSI
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
IsProcessorFeaturePresent
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
EnterCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
GetLastError
HeapFree
RaiseException
RtlUnwind
GetCommandLineW
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
pdh
PdhGetDataSourceTimeRangeA
PdhVbAddCounter
avifil32
AVIStreamGetFrameClose
AVIFileInfoA
AVIFileGetStream
AVIStreamWrite
EditStreamSetInfoA
AVIFileOpenW
avicap32
capGetDriverDescriptionA
msvfw32
MCIWndCreate
ICClose
ICDrawBegin
urlmon
UrlMkSetSessionOption
CoGetClassObjectFromURL
IsLoggingEnabledA
URLDownloadA
HlinkSimpleNavigateToString
RevokeFormatEnumerator
user32
SetMenuItemBitmaps
DdeKeepStringHandle
RegisterDeviceNotificationW
CopyAcceleratorTableW
ChangeMenuW
DdeCmpStringHandles
UnhookWindowsHookEx
BroadcastSystemMessage
DdeQueryStringA
MessageBoxExW
GetWindowRect
winmm
timeBeginPeriod
midiOutPrepareHeader
mod32Message
mixerGetID
midiInOpen
joyReleaseCapture
midiInGetID
mmGetCurrentTask
mpr
WNetGetResourceParentA
WNetEnumResourceW
WNetGetProviderNameW
WNetGetConnectionW
WNetCancelConnection2A
WNetGetUserA
WNetOpenEnumW
WNetCancelConnection2W
MultinetGetConnectionPerformanceW
shell32
SHGetDataFromIDListW
SHInvokePrinterCommandW
FindExecutableA
SHGetInstanceExplorer
SHFileOperationA
ole32
CoInstall
Sections
.text Size: 125KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 38KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 14KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE