2098d609c03dbaa022b6a43fbe3e035c804c452aed50a3c4fe6f36b137bde2a8[.]bin[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

2098d609c03dbaa022b6a43fbe3e035c804c452aed50a3c4fe6f36b137bde2a8.bin.zip
Size

1.1MB
MD5

d95e1b6d45419843737cadaed278ca37
SHA1

1465761431fffb8393d06913c36b63ef9819ade3
SHA256

c3de86e38f31e7901f554ed95131d838b35b8af8bc6a02fafd794eaa1c1348e8
SHA512

f29bd939b62884e3701ad18783cbef6c23fbf795deef8ab527701de634a5cbd25c96eae3f58b6f3b5a4d67324a4558c4be20ec83ed47f0affcc0ef7218b8ed25
SSDEEP

24576:o4/PbulFn1RzMsmFVozNQMgmEqDEj5cZmXKWbL/jiJt:ocufnM3Voz+MbZItcZmtjE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2098d609c03dbaa022b6a43fbe3e035c804c452aed50a3c4fe6f36b137bde2a8.bin

Files

2098d609c03dbaa022b6a43fbe3e035c804c452aed50a3c4fe6f36b137bde2a8.bin.zip
.zip

Password: infected
2098d609c03dbaa022b6a43fbe3e035c804c452aed50a3c4fe6f36b137bde2a8.bin
.exe windows:4 windows x86 arch:x86

b13aa829ed02f35ebb7c1ac735c565cc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventA
CreateFileW
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FindResourceA
FreeLibrary
FreeResource
GetConsoleWindow
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile

msvcrt

__getmainargs
__initenv
__mb_cur_max
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_initterm
_iob
_onexit
_setjmp3
_vsnwprintf
_vsnprintf
abort
atoi
calloc
exit
fgetwc
fprintf
fputc
fputs
free
fwrite
getc
getenv
localeconv
longjmp
malloc
memcmp
memcpy
memmove
memset
printf
realloc
setlocale
signal
strchr
strcmp
strerror
strlen
strncmp
strtoul
vfprintf
wcslen
_strdup

ntdll

NtRaiseHardError
RtlAdjustPrivilege

ole32

CoCreateInstance
CoInitialize

user32

ShowWindow

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 894KB - Virtual size: 893KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/29
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/41
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/55
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/67
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/91
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/107
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/123
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

b13aa829ed02f35ebb7c1ac735c565cc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ntdll

ole32

user32

Sections

.text Size: 132KB - Virtual size: 132KB

.data Size: 512B - Virtual size: 176B

.rdata Size: 33KB - Virtual size: 33KB

/4 Size: 30KB - Virtual size: 29KB

.bss Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 52B

.tls Size: 512B - Virtual size: 8B

.rsrc Size: 894KB - Virtual size: 893KB

.reloc Size: 5KB - Virtual size: 5KB

/14 Size: 3KB - Virtual size: 2KB

/29 Size: 432KB - Virtual size: 431KB

/41 Size: 51KB - Virtual size: 50KB

/55 Size: 139KB - Virtual size: 139KB

/67 Size: 512B - Virtual size: 56B

/80 Size: 4KB - Virtual size: 4KB

/91 Size: 35KB - Virtual size: 35KB

/107 Size: 144KB - Virtual size: 143KB

/123 Size: 16KB - Virtual size: 15KB

.text
Size: 132KB - Virtual size: 132KB

.data
Size: 512B - Virtual size: 176B

.rdata
Size: 33KB - Virtual size: 33KB

/4
Size: 30KB - Virtual size: 29KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 52B

.tls
Size: 512B - Virtual size: 8B

.rsrc
Size: 894KB - Virtual size: 893KB

.reloc
Size: 5KB - Virtual size: 5KB

/14
Size: 3KB - Virtual size: 2KB

/29
Size: 432KB - Virtual size: 431KB

/41
Size: 51KB - Virtual size: 50KB

/55
Size: 139KB - Virtual size: 139KB

/67
Size: 512B - Virtual size: 56B

/80
Size: 4KB - Virtual size: 4KB

/91
Size: 35KB - Virtual size: 35KB

/107
Size: 144KB - Virtual size: 143KB

/123
Size: 16KB - Virtual size: 15KB