6bcbbfac4eb7dbecb5a44983645a75db[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

6bcbbfac4eb7dbecb5a44983645a75db.bin
Size

156KB
MD5

c38a7977bdc99bd20638f9445a6e4d05
SHA1

8bea33add489b8e50dd978cb894262e2167f5c9f
SHA256

89c9b26f22784739494801cd3f063577240b378dd60becb3130cc9aaed0c2d00
SHA512

2af7348baadd8951e3ee603ba3e7577a028670caf4b3703244aae7128db22c4e961fe01532b99fbdb562e15e798fa61980bc0e8b0a56771d7e0cefa9704c44df
SSDEEP

3072:Fn2ElVuB82iAoLcZCWl7yHd3n8eqF/EJW18mMF+rKKzVxxxPP/TJGZioBC:x2Ea8XAoLSCiAqec/gWqN+rKKz/xxPP5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/f73c2ff7df05fca90c08e6ac7a30b97f56a5f62ddc1aed09e0970dc416f995aa.exe

Files

6bcbbfac4eb7dbecb5a44983645a75db.bin
.zip

Password: infected
f73c2ff7df05fca90c08e6ac7a30b97f56a5f62ddc1aed09e0970dc416f995aa.exe
.exe windows:5 windows x86 arch:x86

Password: infected

e2c2b55d2df3fb9f14086da4e39f3ab2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetComputerNameExA
LoadLibraryExW
InterlockedDecrement
SetEnvironmentVariableW
SetCommBreak
CreateHardLinkA
LockFile
GetTickCount
ReadConsoleW
GetWindowsDirectoryA
EnumTimeFormatsA
SetCommTimeouts
GlobalAlloc
GetSystemDirectoryW
GlobalFindAtomA
LoadLibraryW
ReadConsoleInputA
CreateEventA
GetConsoleAliasW
SetFilePointer
IsBadStringPtrA
InterlockedExchange
OpenMutexW
GetLastError
SetLastError
BackupRead
GetProcAddress
RemoveDirectoryA
FindFirstVolumeMountPointW
GetNumberFormatW
AddAtomW
GetModuleHandleA
BuildCommDCBA
VirtualProtect
GetTempPathA
GetVolumeInformationW
WriteConsoleW
GetComputerNameA
IsProcessorFeaturePresent
EncodePointer
DecodePointer
ReadFile
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
RaiseException
RtlUnwind
IsDebuggerPresent
HeapFree
HeapAlloc
HeapSize
EnterCriticalSection
LeaveCriticalSection
SetFilePointerEx
GetConsoleMode
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
WriteFile
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCurrentThreadId
GetProcessHeap
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapReAlloc
LCMapStringW
SetStdHandle
GetConsoleCP
FlushFileBuffers
OutputDebugStringW
GetStringTypeW
CreateFileW
CloseHandle
SetEndOfFile

gdi32

GetCharABCWidthsI

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 91KB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

e2c2b55d2df3fb9f14086da4e39f3ab2

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

Sections

.text Size: 67KB - Virtual size: 67KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 91KB - Virtual size: 3.4MB

.rsrc Size: 52KB - Virtual size: 52KB

.text
Size: 67KB - Virtual size: 67KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 91KB - Virtual size: 3.4MB

.rsrc
Size: 52KB - Virtual size: 52KB