e72d96c69b4b1c5f6b88cd98fef95540[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

e72d96c69b4b1c5f6b88cd98fef95540.bin
Size

1.4MB
MD5

24b18cab5509f8212e3c23e4c3353f58
SHA1

e820d6a31e06834c16a3f328d5298df95593358a
SHA256

e566d53c0a4e244aa62f0f4dfa82eabfe84feb0ca43bf543d83385b7f920325c
SHA512

77bfce6358bd2720aa41a209635cd8e2fcb8aecd88e51e61caa31c9c546469a599227f8626eebd4b0e39aa64fb29c0196186e31d129b7573a2a0b9726e897a54
SSDEEP

24576:dtCNqbxweFCPRtWimIlQsKdFdIuinmd+lWm2Y3GwPiWNcS697M3vNqkb2SPhk:XjhwRtND00umXl2YWwPiWSp7mk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Estrai 2 Files Compressi con GoogleDrive.com

Files

e72d96c69b4b1c5f6b88cd98fef95540.bin
.zip

Password: infected
6a586c43f995443bc2d05e8a5c1e59292fea789d47d36d5c424f48102aba5203.zip
.zip

Password: infected
Estrai 2 Files Compressi con GoogleDrive.com
.exe windows:4 windows x64 arch:x64

Password: infected

1298249fc64bbaae984baea2fe166a37

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

SystemFunction036

bcrypt

BCryptGenRandom

kernel32

AcquireSRWLockExclusive
AddVectoredExceptionHandler
CloseHandle
CreateFileW
CreateWaitableTimerExW
FindClose
FindFirstFileW
GetCommandLineW
GetConsoleMode
GetCurrentThread
GetEnvironmentVariableW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFullPathNameW
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
HeapAlloc
HeapFree
HeapReAlloc
InitOnceBeginInitialize
InitOnceComplete
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseSRWLockExclusive
SetLastError
SetThreadStackGuarantee
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
WaitForSingleObject
WriteConsoleW
DeleteCriticalSection
EnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
VirtualProtect
VirtualQuery
__C_specific_handler

ntdll

NtWriteFile
RtlNtStatusToDosError

msvcrt

__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_commode
_fmode
_fpreset
_initterm
_onexit
abort
calloc
exit
fprintf
free
fwrite
malloc
memcmp
memcpy
memmove
memset
signal
strlen
strncmp
vfprintf

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 544B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Password: infected

1298249fc64bbaae984baea2fe166a37

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

bcrypt

kernel32

ntdll

msvcrt

Sections

.text Size: 97KB - Virtual size: 96KB

.data Size: 512B - Virtual size: 256B

.rdata Size: 1.4MB - Virtual size: 1.4MB

.pdata Size: 3KB - Virtual size: 3KB

.xdata Size: 4KB - Virtual size: 3KB

.bss Size: - Virtual size: 544B

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 112B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 280B

.text
Size: 97KB - Virtual size: 96KB

.data
Size: 512B - Virtual size: 256B

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.pdata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 4KB - Virtual size: 3KB

.bss
Size: - Virtual size: 544B

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 112B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 280B