3d3a5e65f3af78a3cbe9f69f2791970b[.]bin

General

Target

3d3a5e65f3af78a3cbe9f69f2791970b.bin
Size

101KB
MD5

6afdfe698a20a3e290470d36d968ecbc
SHA1

c928a3bf483f5522f69f038b968c8812fb30170a
SHA256

80e854b69ae4eab1976976afd9c1ea53cf7e373f4ec8ed7ac1a44347efa5fa59
SHA512

1c4e8c09d38457b97a60330d0673616a0048b3b8d92161949d452b2e9209a3291d37a49127bf1aa12fabf153c892455d85bd9e6aeff327ecfdc5d0b399caceca
SSDEEP

3072:BW4TiLMCnXOmdjWSdENTEza7IKhuOxrqng5dDQxdFY1:BmXHjHK/hGgDk+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3d5f7520b01254db7511077a34d1d7c8ac297c38f71f6f13ad50d73005137ea2.exe

Files

3d3a5e65f3af78a3cbe9f69f2791970b.bin
.zip

Password: infected
3d5f7520b01254db7511077a34d1d7c8ac297c38f71f6f13ad50d73005137ea2.exe
.exe windows:4 windows x86 arch:x86

Password: infected

8fe84a1eb6b1ab1a5ede596d35e3417a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateRemoteThread
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
OutputDebugStringA
QueryPerformanceCounter
SetLastError
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAllocEx
VirtualProtect
VirtualQuery
WaitForSingleObject
WriteProcessMemory

msvcrt

__getmainargs
__initenv
__lconv_init
__p__acmdln
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_initterm
_iob
_onexit
_wcsnicmp
abort
calloc
exit
fprintf
free
fwrite
malloc
memcpy
signal
strlen
strncmp
vfprintf

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1000B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

8fe84a1eb6b1ab1a5ede596d35e3417a

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 7KB - Virtual size: 7KB

.data Size: 125KB - Virtual size: 125KB

.rdata Size: 1KB - Virtual size: 1KB

.bss Size: - Virtual size: 1000B

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.text
Size: 7KB - Virtual size: 7KB

.data
Size: 125KB - Virtual size: 125KB

.rdata
Size: 1KB - Virtual size: 1KB

.bss
Size: - Virtual size: 1000B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B