Static task: static1
Behavioral task: behavioral1
Sample: CPanel Scanner/CPanel Nightmare By Bk - puplic Version.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: CPanel Scanner/CPanel Nightmare By Bk - puplic Version.exe
Resource: win10v2004-20240709-en
General
Target: 9f7e3ab7aae0cdd10fd8e273d51ccfb3.bin
Size: 4.2MB
MD5: 9f7e3ab7aae0cdd10fd8e273d51ccfb3
SHA1: 69258915a8e626e96cd74ebf2b11e08c3bf44361
SHA256: f8e8009a2a10a38298e676692174ee54114328b872a13c94c36ec7e6ce93acbc
SHA512: 482ff492756fbd8c0b6d26ef5b9a3dffa392c55662d07526ae26382ab5827695255b4fb3b2c096d95ba3b24fdba1d2dfc8e752a6acce67332f6c6a8cbf8c4ed8
SSDEEP: 98304:iTNsOvRYSmn0fmDjzuSKfF1MC+UGP6+YEDCE7d0TwjH+:iTGOvRb20fmDjySYr2P3YED3R0TW+
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/CPanel Scanner/CPanel Nightmare By Bk - puplic Version.exe
Files
9f7e3ab7aae0cdd10fd8e273d51ccfb3.bin.rar
CPanel Scanner/@[email protected]
CPanel Scanner/CPanel Nightmare By Bk - puplic Version.exe.exe windows:4 windows x86 arch:x86
8933a60a4995b88fd8d4706bd72b1a59
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
ord17
kernel32
LoadLibraryA
GetVersionExA
GetShortPathNameW
WideCharToMultiByte
FindClose
FindFirstFileA
GetComputerNameA
CloseHandle
GetFileInformationByHandle
CreateFileA
SystemTimeToFileTime
SetFileTime
GetLastError
FindNextFileA
GetModuleHandleA
GetModuleFileNameA
OutputDebugStringA
GetProcAddress
EnterCriticalSection
GetTempPathA
InitializeCriticalSection
SetEnvironmentVariableA
DeleteCriticalSection
LoadLibraryExA
LockResource
LoadResource
FindResourceA
SetLastError
VirtualProtect
VirtualFree
VirtualAlloc
MultiByteToWideChar
ExitThread
FreeLibrary
LeaveCriticalSection
user32
MessageBoxA
advapi32
GetUserNameA
msvcrt
_controlfp
free
malloc
strcmp
fprintf
_iob
fclose
strlen
fgets
fopen
sprintf
strcat
strcpy
getenv
wcslen
memcpy
memcmp
strchr
strstr
time
_ftol
localtime
atol
_pctype
_isctype
__mb_cur_max
atoi
fwrite
rand
srand
fread
_errno
strncpy
fflush
fputc
fputs
vsprintf
__p__environ
memset
perror
abort
_setjmp3
toupper
memmove
strrchr
wcscmp
_stat
_strdup
_mkdir
_getpid
_chmod
_strnicmp
_dup2
_fileno
_putenv
_rmdir
_unlink
_stricmp
__dllonexit
_onexit
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
calloc
Sections
.text Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4.6MB - Virtual size: 4.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CPanel Scanner/wordlist.txt