296016f5b8e64afa48b5447abfb1e051[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

296016f5b8e64afa48b5447abfb1e051.bin
Size

17.7MB
MD5

7e58acdbbe3560b857624d448cededca
SHA1

94447d5fa05e801bbdefa933de9de281ab4601a1
SHA256

5b0d49d58e354059b5f2c2d7a250fd3a6a641eb9ea0a5bb6d5990854ebd1709b
SHA512

12373660e3bcd016f63124148d7b863fe73b2b053f6c52fecdfccae52677a46e61c24ccc5298b8d1fdecdf788b69df2148e5f82f77b695b78c928f6300a9d41e
SSDEEP

393216:kTmP/X4UBC5OvsPfb0mczcRJSs46Uv4oWFNFhg61/cPUAT:kT4fBmCmb/cCIKNFNDl0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f81795c9da60984703aeb170967d4bcc9fa1512c03623782b3bdbbfa619c0324.exe

Files

296016f5b8e64afa48b5447abfb1e051.bin
.zip

Password: infected
f81795c9da60984703aeb170967d4bcc9fa1512c03623782b3bdbbfa619c0324.exe
.exe windows:6 windows x86 arch:x86

Password: infected

27cb3dd4b0c01d19e67be2c0b03afa13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

advapi32

RegOpenKeyExA

ole32

CoInitialize

Sections

.text
Size: - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.modern0
Size: - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.modern1
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.modern2
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.modern1
.modern2
.rsrc/0/GROUP_ICON/1033
.rsrc/0/ICON/1.ico
.rsrc/0/ICON/2.ico
.rsrc/0/ICON/3.ico
.rsrc/0/ICON/4.ico
.rsrc/0/ICON/5.ico
.rsrc/0/ICON/6
.png

Password: infected
.rsrc/1033/MANIFEST/1
.xml
.rsrc/1033/version.txt

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

27cb3dd4b0c01d19e67be2c0b03afa13

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

Sections

.text Size: - Virtual size: 63KB

.rdata Size: - Virtual size: 15KB

.data Size: - Virtual size: 1KB

.modern0 Size: - Virtual size: 10.6MB

.modern1 Size: 1024B - Virtual size: 944B

.modern2 Size: 18.6MB - Virtual size: 18.6MB

.rsrc Size: 239KB - Virtual size: 238KB

Password: infected

.text
Size: - Virtual size: 63KB

.rdata
Size: - Virtual size: 15KB

.data
Size: - Virtual size: 1KB

.modern0
Size: - Virtual size: 10.6MB

.modern1
Size: 1024B - Virtual size: 944B

.modern2
Size: 18.6MB - Virtual size: 18.6MB

.rsrc
Size: 239KB - Virtual size: 238KB