657d587ef82bd24ddb85636045d3a826

Sharing

Copy URL

Twitter E-mail

General

Target

657d587ef82bd24ddb85636045d3a826
Size

42KB
MD5

657d587ef82bd24ddb85636045d3a826
SHA1

dae6a991f5365be4c9c2cd2d97797863453ca5d4
SHA256

09f38234a5d58bf8f6742df577172efca550c706222375e220652ddeb18c7ae5
SHA512

a54757dc6d048e3a0ddbde783e1680dc6932dab5c408eb1309a44289df6dfa8b8c526207b7af8fd3204189fcb58ef8dbccf5ae880135f863c5df0ee9745675cd
SSDEEP

768:3wZK/6hDnTmdBgjiC/qjdzkex3mXwi7qNy1KhTFsW7q7zBvCG7A94lGi8NuxX37D:Gha0zCVr3Hy1KhrqlzWQGiauR37fzcd0

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/!_bootvid/bin2h.EXE
unpack001/!_bootvid/bin2inc.EXE

Files

657d587ef82bd24ddb85636045d3a826
.zip
!_bootvid/29a.h
!_bootvid/MAKEFILE
!_bootvid/bin2h.EXE
.exe windows:1 windows x86 arch:x86

489df1680b4077e756545d3eb62b6a82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
ExitProcess
GetCommandLineA
GetFileSize
ReadFile
WriteFile
CloseHandle

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
!_bootvid/bin2inc.EXE
.exe windows:1 windows x86 arch:x86

489df1680b4077e756545d3eb62b6a82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CreateFileA
ExitProcess
GetCommandLineA
GetFileSize
ReadFile
WriteFile
CloseHandle

Sections

CODE
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
!_bootvid/bootvid.c
!_bootvid/bootvid.def
!_bootvid/bootvid.rc
!_bootvid/bootvid_.lib
!_bootvid/build.bat
!_bootvid/sources
MAKEFILE
MZ.INC
PE.INC
USEFUL.INC
WIN32API.INC
bootvid.dl_.inc
description.txt
my_include.inc
my_macroz.inc
taichi.asm
taichi.def

Sharing

General

Malware Config

Signatures

Files

489df1680b4077e756545d3eb62b6a82

Headers

File Characteristics

Imports

kernel32

Sections

CODE Size: 512B - Virtual size: 4KB

DATA Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

489df1680b4077e756545d3eb62b6a82

Headers

File Characteristics

Imports

kernel32

Sections

CODE Size: 512B - Virtual size: 4KB

DATA Size: 512B - Virtual size: 4KB

.idata Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

CODE
Size: 512B - Virtual size: 4KB

DATA
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB

CODE
Size: 512B - Virtual size: 4KB

DATA
Size: 512B - Virtual size: 4KB

.idata
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB