7c39abe05104f6861b1c3c528db276ac[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

7c39abe05104f6861b1c3c528db276ac.bin
Size

25.0MB
MD5

a29028b98d4f3517e6f6be73875529d8
SHA1

78ae14aeade6da0ee067c3435594ea07f46dddc7
SHA256

5629ea462596c73cbbfab1baeb5742c2cac8f885831ca315492662198d28c8fc
SHA512

ab01455b44054eaf1a945b54681f1564e1dc31ef775f9cb00999820f051eccbd182aa06a45640312f366111229812c9dbbe1f49c73669b1f681b889d647181e6
SSDEEP

786432:wC+Q17hRn3TUs8klZbakn+jR1WPHPs1FSsWZI5LnN78m:wwhRn3TImbaaA1YHsSsrLnmm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a7b388cdabf0f2b0d37da0ef0f7b1e358ed77ea526501b169a4b607dbe09a003.exe

Files

7c39abe05104f6861b1c3c528db276ac.bin
.zip

Password: infected
a7b388cdabf0f2b0d37da0ef0f7b1e358ed77ea526501b169a4b607dbe09a003.exe
.exe windows:6 windows x64 arch:x64

Password: infected

b80d781b780706f60c852830190a261d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

InitializeSListHead
LoadResource

user32

GetWindowThreadProcessId
UpdateWindow

gdi32

CreateSolidBrush
RemoveFontMemResourceEx

advapi32

CryptEncrypt

ws2_32

WSACleanup
WSAWaitForMultipleEvents

crypt32

CertFreeCertificateChainEngine

d3d11

D3D11CreateDeviceAndSwapChain

imm32

ImmReleaseContext
ImmGetContext

d3dcompiler_47

D3DCompile

dwmapi

DwmExtendFrameIntoClientArea

ntdll

RtlInitUnicodeString

bcrypt

BCryptGenRandom

ucrtbase

strcmp

shell32

DragQueryFileA

ole32

OleLockRunning

oleaut32

VariantClear

comctl32

_TrackMouseEvent

gdiplus

GdipImageGetFrameDimensionsList

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 885KB - Virtual size: 884KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 265KB - Virtual size: 265KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DFDBVGXE
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

DFDBVGXE
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DFDBVGXE
Size: 19.4MB - Virtual size: 19.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DFDBVGXE
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DFDBVGXE
Size: 8.1MB - Virtual size: 8.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

b80d781b780706f60c852830190a261d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ws2_32

crypt32

d3d11

imm32

d3dcompiler_47

dwmapi

ntdll

bcrypt

ucrtbase

shell32

ole32

oleaut32

comctl32

gdiplus

iphlpapi

Sections

.text Size: 885KB - Virtual size: 884KB

.rdata Size: 265KB - Virtual size: 265KB

.data Size: 14KB - Virtual size: 24KB

.pdata Size: 38KB - Virtual size: 37KB

DFDBVGXE Size: 512B - Virtual size: 488B

DFDBVGXE Size: 1.2MB - Virtual size: 1.2MB

DFDBVGXE Size: 19.4MB - Virtual size: 19.4MB

DFDBVGXE Size: 512B - Virtual size: 432B

DFDBVGXE Size: 8.1MB - Virtual size: 8.1MB

.rsrc Size: 512B - Virtual size: 480B

.text
Size: 885KB - Virtual size: 884KB

.rdata
Size: 265KB - Virtual size: 265KB

.data
Size: 14KB - Virtual size: 24KB

.pdata
Size: 38KB - Virtual size: 37KB

DFDBVGXE
Size: 512B - Virtual size: 488B

DFDBVGXE
Size: 1.2MB - Virtual size: 1.2MB

DFDBVGXE
Size: 19.4MB - Virtual size: 19.4MB

DFDBVGXE
Size: 512B - Virtual size: 432B

DFDBVGXE
Size: 8.1MB - Virtual size: 8.1MB

.rsrc
Size: 512B - Virtual size: 480B