Static task: static1
Behavioral task: behavioral1
Sample: b190e91c20d56977333996d314db14bce2b30d89dac199489455694b52b3feb6.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b190e91c20d56977333996d314db14bce2b30d89dac199489455694b52b3feb6.exe
Resource: win10v2004-20240412-en
General
Target: cf751f3ddcbf2f875e59ca62524ac523.bin
Size: 10KB
MD5: 0fb21787bd1d1687e71d63c81a8f4b01
SHA1: 91178ad8d807901ebc724f8aab0af058bfe66720
SHA256: d69c79ca293ba2b7908d2be360c99e4fe9efaae7d5327e260c64bb9596d11fde
SHA512: 7ba1dccc5c2bfcd12ae28fb91226a7ab3a9854c18aed160ca4b14e569d3d3598adf47199045b499d8fb0b8885dba0c51c47207edcda71e37c6b9b9258ce0b1b5
SSDEEP: 192:REm/kkqysfH5Vl/Un0WwFgb0BQhPFhcLsCZT3n766eUmLVyr01yWZLmXgsGrUs:eNkqHvvl/W8k0B+dhcLT3n7WCGrx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/b190e91c20d56977333996d314db14bce2b30d89dac199489455694b52b3feb6.exe
Files
cf751f3ddcbf2f875e59ca62524ac523.bin.zip
Password: infected
b190e91c20d56977333996d314db14bce2b30d89dac199489455694b52b3feb6.exe.exe windows:4 windows x86 arch:x86
Password: infected
5299d192ec86e7bd67dcb7a3cedbc04f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenW
lstrcatW
GetProfileStringW
lstrcpyW
AddAtomW
ExitProcess
GetModuleHandleW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
GetModuleFileNameW
GetTickCount
user32
GetDlgItem
DdeCreateDataHandle
GetDlgItemTextA
SetDlgItemTextW
DdeNameService
DdeInitializeW
DdeUninitialize
DdePostAdvise
GetDlgItemInt
SetWindowLongW
IsDlgButtonChecked
GetWindowLongW
CheckMenuItem
GetMenu
LoadStringW
EndDialog
SetFocus
GetPropW
WinHelpW
SetDlgItemInt
GetDlgItemTextW
SetWindowTextW
GetWindow
EnableWindow
CheckDlgButton
KillTimer
SendMessageW
SetTimer
DialogBoxParamW
IsIconic
MessageBeep
GetDlgCtrlID
ShowWindow
PostMessageW
GetWindowTextW
MessageBoxA
LoadStringA
RegisterClassW
LoadCursorW
LoadIconW
MessageBoxW
SetPropW
RemovePropW
InvalidateRect
DdeCmpStringHandles
DdeCreateStringHandleW
DefDlgProcW
SendDlgItemMessageW
gdi32
CreateSolidBrush
SetBkMode
DeleteObject
CreateFontW
comdlg32
GetSaveFileNameW
shlwapi
wvnsprintfW
PathFindFileNameW
msvcrt
_wfopen
fclose
floor
swscanf
fflush
fprintf
memset
swprintf
wcschr
_ftol
inpout32
ord1
ord2
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ