Static task
static1
Behavioral task
behavioral1
Sample
08032024_2144_mir24.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
08032024_2144_mir24.exe
Resource
win10v2004-20240226-en
General
Target
08032024_2144_mir24.bin
Size
113KB
MD5
5e4076209bb6a5e337c3db306fb590fb
SHA1
3c8ede0be73456c66d74d3afdb716d5e9a3c87e4
SHA256
1c8a80289203aab491eb414479f535a4a71e411c27a546d7388eb15abac2c665
SHA512
b49b62f85201ff21e57736d44b867238db5b8cad09d34190ac84a97c335a1469c0a9455faf4c8497d7962ebc518271e8191532406791c8aa27dd748824de9529
SSDEEP
3072:otYfBSKx2RsHNRCNuVZFe07KsOji4NU4tahs:QCSKx2RsHNfVZFtCjiKJ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 08032024_2144_mir24.bin
Files
08032024_2144_mir24.bin.exe windows:6 windows x64 arch:x64
Password: infected
a268bd74d1773011d36925d52d419e1f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
Sleep
GetLastError
CreateFileA
lstrcpyA
CloseHandle
LocalFree
GetFileSize
WideCharToMultiByte
lstrcatA
GetComputerNameA
WriteConsoleW
CreateFileW
SetFilePointerEx
GetConsoleMode
lstrcmpA
CreateMutexA
FindClose
lstrlenA
FindNextFileA
FindFirstFileA
GetConsoleOutputCP
FlushFileBuffers
GetConsoleWindow
ReadFile
HeapSize
GetProcessHeap
LCMapStringW
FlsFree
FlsSetValue
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
GetStdHandle
WriteFile
GetModuleFileNameW
GetCurrentProcess
ExitProcess
TerminateProcess
GetModuleHandleExW
HeapReAlloc
HeapFree
HeapAlloc
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetFileType
GetStringTypeW
FlsAlloc
FlsGetValue
user32
ShowWindow
GetKeyboardLayout
wsprintfA
MessageBoxA
advapi32
RegEnumValueA
RegCloseKey
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
shell32
SHGetFolderPathA
crypt32
CryptUnprotectData
shlwapi
PathFileExistsA
wininet
HttpSendRequestA
HttpOpenRequestA
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetReadFile
Sections
.text Size: 62KB - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ