64d5c423143bae1f0c5919d2400d9c61[.]bin

General

Target

64d5c423143bae1f0c5919d2400d9c61.bin
Size

20KB
MD5

110e54efe3ceefb453558840c9f6a9e1
SHA1

912e548627313f2c6fa00a22ac4a408764e866da
SHA256

a7e9be368fe2c4c7d2da2fde1477695f64efe8f52ae46110c7bb4426e04c4151
SHA512

422fc41ea47b14e3cb37f0a6104f414740cd3feb9f59fc5f412982eee6e4f96c9c7052ac616bc2d887327a1c2ab53d0bb085fd0bb049e04fb0e8321c22f5e74d
SSDEEP

384:6b9NpaA17drRwXFmsqm7WGoxehSfabsCR/Y17rTC17ShTF/tg2rY/3Bpw1vbl:6Z7a6rRwtWAhSfabsgn1SrcRpuJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/60b1b3a69ff7db07dfe4baf4d1ef65ba961e5fb15000ba8b6b24f602bad1b3da.exe

Files

64d5c423143bae1f0c5919d2400d9c61.bin
.zip

Password: infected
60b1b3a69ff7db07dfe4baf4d1ef65ba961e5fb15000ba8b6b24f602bad1b3da.exe
.exe windows:4 windows x86 arch:x86

Password: infected

2f8ee8a1e874a6d83311ae89fdd84904

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetStartupInfoW
LocalHandle
SystemTimeToFileTime
ChangeTimerQueueTimer
GetPriorityClass
CompareStringA
SetMessageWaitingIndicator
WriteConsoleOutputCharacterA
GetPrivateProfileStringA
GetModuleFileNameA
GetLogicalDrives
GetFullPathNameA
GetLogicalDriveStringsA
GetLongPathNameA
GetPrivateProfileSectionNamesA
SetCommMask
ExitThread
GetFileInformationByHandle
IsValidCodePage
GlobalHandle
GetStartupInfoA
GetCompressedFileSizeA
LocalShrink
GetCurrentDirectoryA
GetProcessShutdownParameters
FreeEnvironmentStringsA
FindAtomA
ReleaseSemaphore
ShowConsoleCursor
CreateWaitableTimerA
LocalUnlock
GetSystemDirectoryA
GetCommModemStatus
EnumResourceTypesA
GetFileSizeEx
LZInit
ReadConsoleA
GetConsoleCursorMode
GetCalendarInfoA
SetFilePointer
GetVersion
GetVolumeInformationA
GlobalFix
GetVersionExA
CancelTimerQueueTimer
WritePrivateProfileStructA
PulseEvent
GetTapeStatus
DeleteTimerQueue
GetConsoleMode
GetLocalTime
FreeLibraryAndExitThread
CancelWaitableTimer
WaitCommEvent
TransactNamedPipe
PeekConsoleInputA
VirtualQuery
GetConsoleAliasExesW
WriteConsoleOutputAttribute
SetLastConsoleEventActive
IsProcessorFeaturePresent
RemoveDirectoryA
VirtualAlloc
ExpungeConsoleCommandHistoryA
CancelWaitableTimer
GetDllDirectoryA
SetHandleInformation
GetTickCount
GetSystemDefaultLangID
GetStdHandle
HeapReAlloc
GlobalAddAtomA
GetCPInfo
IsSystemResumeAutomatic
EnumResourceTypesA
SetFirmwareEnvironmentVariableA

gdi32

MoveToEx
GetTextExtentPointA

Exports

Exports

Sayjxtyc
BeginUpswaklkye
WriteVyqxegmm
IsWsmpldmsh
InitNxdfxdgh

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

2f8ee8a1e874a6d83311ae89fdd84904

Headers

File Characteristics

Imports

kernel32

gdi32

Exports

Exports

Sections

.itext Size: - Virtual size: 1KB

.text Size: 13KB - Virtual size: 12KB

.rsrc Size: 22KB - Virtual size: 22KB

.itext
Size: - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 22KB - Virtual size: 22KB