c88933a3bcc4494def9d0feb4568c4e865d6b333ace006256816166d34104ea0[.]bin

Resubmissions

14/03/2024, 11:45

240314-nw4b5sbb5v 10

13/03/2024, 15:01

240313-sdxtvsfh9x 10

13/03/2024, 14:22

240313-rpjkyagg56 10

Sharing

Copy URL Twitter E-mail

General

Target

c88933a3bcc4494def9d0feb4568c4e865d6b333ace006256816166d34104ea0.bin
Size

242KB
MD5

8f44c565b6605afccbab295faaf420b8
SHA1

a9fc5e1ca19b7034f846b12ee2e5890d8c64f3b3
SHA256

c88933a3bcc4494def9d0feb4568c4e865d6b333ace006256816166d34104ea0
SHA512

cdbf40c2def3a3dc45ac006f99ebff60d936eff53d2b16236f0424285a1749e847ee1180daa0e9e256bd86e44e76cdbc2b83d5afd1e8db1edb699d0b95900206
SSDEEP

3072:sY1hNzde2qx1Y7CzY8hv2BXhssNPhslWeQYmbd/5NOVAAC:11Twx2uzYvVhsspSlWbYId

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c88933a3bcc4494def9d0feb4568c4e865d6b333ace006256816166d34104ea0.bin

Files

c88933a3bcc4494def9d0feb4568c4e865d6b333ace006256816166d34104ea0.bin
.exe windows:5 windows x86 arch:x86

99a932f0cadd6d26123940658eec1af9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\puvocoj-mitacezihoji_dubibimerokige\89 fijeceho.pdb

Imports

kernel32

GetConsoleAliasExesLengthA
InterlockedIncrement
GetConsoleAliasA
InterlockedDecrement
AddConsoleAliasW
GetFileAttributesExA
GetTickCount
GetNumberFormatA
GetConsoleTitleA
ReadConsoleW
GetWindowsDirectoryA
WriteFile
GlobalAlloc
LoadLibraryW
GetLocaleInfoW
ReadConsoleInputA
GetThreadSelectorEntry
WriteConsoleW
GetModuleFileNameW
CreateFileW
SetComputerNameExW
GetConsoleAliasExesA
CreateDirectoryA
GetLastError
SetLastError
GetProcAddress
VirtualAlloc
RemoveDirectoryA
GetTempFileNameA
LoadLibraryA
SetCalendarInfoW
GlobalFindAtomW
GetVersionExA
GetCurrentProcessId
GetVolumeInformationW
CloseHandle
CreateFileA
FindNextVolumeMountPointW
GetComputerNameA
GetLocaleInfoA
GetStringTypeW
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
GetStartupInfoA
HeapFree
WideCharToMultiByte
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
VirtualFree
HeapReAlloc
HeapCreate
GetModuleHandleW
Sleep
ExitProcess
GetModuleFileNameA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThreadId
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
RtlUnwind
GetModuleHandleA
WriteConsoleA
GetConsoleOutputCP
MultiByteToWideChar
SetStdHandle
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA

user32

GetAltTabInfoW
SetMenu
LoadKeyboardLayoutA
CharUpperBuffW
CharUpperBuffA

gdi32

StretchDIBits

shell32

FindExecutableA

ole32

StringFromIID

winhttp

WinHttpOpen

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 22.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

99a932f0cadd6d26123940658eec1af9

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

shell32

ole32

winhttp

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 13KB - Virtual size: 12KB

.data Size: 39KB - Virtual size: 22.0MB

.rsrc Size: 41KB - Virtual size: 40KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 13KB - Virtual size: 12KB

.data
Size: 39KB - Virtual size: 22.0MB

.rsrc
Size: 41KB - Virtual size: 40KB