6a7dbf9cf7f21fd9e36a8f946a9ba32b[.]bin

General

Target

6a7dbf9cf7f21fd9e36a8f946a9ba32b.bin
Size

288KB
MD5

bdc974737746a82c8c2652e2d6ecde07
SHA1

02749ca36a732533a495f4873b6ba1480379e85f
SHA256

820c231151b0324c238986c64cc2f190e7d9867e95a88f860133b92cbc2a7867
SHA512

64619a488094b39094d604606e069ce03d503f905619fbd305f5842392c75d692f39ff309df57a19e289441af67ed072a364b32685a029e43e42edd7e4143907
SSDEEP

6144:AVWbKKOkFUGEvZCVi882ItJ2yCQ2euEA5wD7XxxqoEMy:88rOcU1ol0cyd5EwD7xLEMy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/be5e172e023a252269fcfff738377c0ee3de397bee7d44c21d002457ad2ce510.exe

Files

6a7dbf9cf7f21fd9e36a8f946a9ba32b.bin
.zip

Password: infected
be5e172e023a252269fcfff738377c0ee3de397bee7d44c21d002457ad2ce510.exe
.exe windows:4 windows x86 arch:x86

Password: infected

a0158c18d7c57554131cbbf4101b1cab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
IsBadWritePtr
HeapValidate
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
InterlockedIncrement
GetModuleFileNameA
HeapReAlloc
GetLastError
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetFileType
RtlUnwind
SetConsoleCtrlHandler
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetFilePointer
LCMapStringA
LCMapStringW
SetStdHandle
FlushFileBuffers
CloseHandle

Sections

.text
Size: 136KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 196KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

a0158c18d7c57554131cbbf4101b1cab

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 136KB - Virtual size: 134KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 196KB - Virtual size: 202KB

.idata Size: 4KB - Virtual size: 1KB

.rsrc Size: 216KB - Virtual size: 215KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 136KB - Virtual size: 134KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 196KB - Virtual size: 202KB

.idata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 216KB - Virtual size: 215KB

.reloc
Size: 8KB - Virtual size: 4KB