6ce2df8ef3d8e1c546872b293ad2fec4[.]bin

General

Target

6ce2df8ef3d8e1c546872b293ad2fec4.bin
Size

208KB
MD5

6ce2df8ef3d8e1c546872b293ad2fec4
SHA1

f38fe45056d83c8edd2baf0abf828c9e26f11d1d
SHA256

74b0f885e9c8be8f21eee31941e67a79375f24ac448c1816ac865f79fafe2c87
SHA512

cefb19b2f63b4f0e95a381c25c150942461d55ee90e059fef0256d590d030eb5d61e624de95bc8b203d55c32329010fbda60c3726a6dab51f23772a104ad977e
SSDEEP

1536:eFK3X5FQ5uqLL2AH19VQP/dNMU+DrJonWt7xEDesnl9ZWin9slrwLrp7poEUgahr:b3wUgaP1NryrJonu7xEDFLr8Y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ce2df8ef3d8e1c546872b293ad2fec4.bin

Files

6ce2df8ef3d8e1c546872b293ad2fec4.bin
.exe windows:4 windows x86 arch:x86

27e418ec25747b93aa23f4e2d31d40d5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
lstrlenA
FormatMessageA
GetLastError
GetModuleHandleA
lstrcmpA
CloseHandle
lstrcatA
SetHandleInformation
CreatePipe
Sleep
GetProcAddress
LoadLibraryA
GetFileSize
RaiseException
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
ReadFile
SetEndOfFile
SetStdHandle
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
RtlUnwind
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapReAlloc
HeapAlloc
TerminateProcess
GetCurrentProcess
HeapSize
GetFileAttributesA
GetFileType
CreateFileA
GetCurrentProcessId
HeapFree
SetFilePointer
SetHandleCount
GetStdHandle
WriteFile
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW

user32

DrawIcon
RegisterHotKey
PeekMessageA
GetDesktopWindow
GetWindowTextLengthW
IsCharAlphaA
GetCursorPos
ClientToScreen
GetClientRect
FindWindowA
GetScrollRange
PeekMessageW
PostMessageA
LoadCursorA
MessageBoxA
MoveWindow

shell32

ExtractIconA

shlwapi

PathIsSameRootA

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

27e418ec25747b93aa23f4e2d31d40d5

Headers

File Characteristics

Imports

kernel32

user32

shell32

shlwapi

Sections

.text Size: 56KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 5KB - Virtual size: 21KB

.rsrc Size: 137KB - Virtual size: 165KB

.text
Size: 56KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 5KB - Virtual size: 21KB

.rsrc
Size: 137KB - Virtual size: 165KB