cd6bf0fea07fff98c49a1ef6ccd11207[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

cd6bf0fea07fff98c49a1ef6ccd11207.bin
Size

31KB
MD5

c132d5bb3ae3d8918927329bd6aed69b
SHA1

0ab50a0e7a71965d0fe47268e375e391fa2e7449
SHA256

c18197cc3df4f3201e062d9e3c20dcd4aeefcf15376c5396cc93304b8eb63fc1
SHA512

48cdbe68a26d6a6c92ae25c887414ff5a440df0843e7723e0d2ee173e6e0f921633f1cfe6e4866c52b878e50c1e2a445151c6dbfe6634d3282e9d3e2c53f642f
SSDEEP

768:dWCts9FMySY/oienD6OxvZnlANIVUzipU3qZu9mEuu5V:ps9FME/oi/yNlO/ukqZUmEH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/998b6a7ad1579c31d13a53c37e184b58491bbaed016fa55cec1cd411c6989e2e.exe

Files

cd6bf0fea07fff98c49a1ef6ccd11207.bin
.zip

Password: infected
998b6a7ad1579c31d13a53c37e184b58491bbaed016fa55cec1cd411c6989e2e.exe
.dll windows:4 windows x64 arch:x64

Password: infected

b0ee9fca3049b669e21f2d2e0653be78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateToolhelp32Snapshot
DeleteCriticalSection
EnterCriticalSection
ExitProcess
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
Process32First
Process32Next
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WinExec
WriteProcessMemory

msvcrt

__dllonexit
__iob_func
_amsg_exit
_initterm
_lock
_onexit
_unlock
abort
calloc
free
fwrite
malloc
memcpy
puts
rand
signal
strcmp
strlen
strncmp
vfprintf

Exports

Exports

ASSnko
FindProcessId
NetApiBufferFree
NetpIsRemote
NetpwNameValidate
NetpwPathType
PxBu
Pxon
base46_map
base64_decode
base64_encode
decrypt
encrypt
revstr

Sections

.
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 1024B - Virtual size: 636B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 1024B - Virtual size: 564B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 512B - Virtual size: 302B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

b0ee9fca3049b669e21f2d2e0653be78

Headers

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

. Size: 10KB - Virtual size: 10KB

. Size: 512B - Virtual size: 144B

. Size: 1KB - Virtual size: 1KB

. Size: 1024B - Virtual size: 636B

. Size: 1024B - Virtual size: 564B

. Size: - Virtual size: 2KB

. Size: 512B - Virtual size: 348B

. Size: 2KB - Virtual size: 2KB

. Size: 512B - Virtual size: 88B

. Size: 512B - Virtual size: 104B

. Size: 512B - Virtual size: 92B

/4 Size: 1024B - Virtual size: 832B

/19 Size: 39KB - Virtual size: 38KB

/31 Size: 6KB - Virtual size: 5KB

/45 Size: 5KB - Virtual size: 5KB

/57 Size: 3KB - Virtual size: 2KB

/70 Size: 512B - Virtual size: 302B

/81 Size: 12KB - Virtual size: 11KB

/92 Size: 1KB - Virtual size: 1KB

.
Size: 10KB - Virtual size: 10KB

.
Size: 512B - Virtual size: 144B

.
Size: 1KB - Virtual size: 1KB

.
Size: 1024B - Virtual size: 636B

.
Size: 1024B - Virtual size: 564B

.
Size: - Virtual size: 2KB

.
Size: 512B - Virtual size: 348B

.
Size: 2KB - Virtual size: 2KB

.
Size: 512B - Virtual size: 88B

.
Size: 512B - Virtual size: 104B

.
Size: 512B - Virtual size: 92B

/4
Size: 1024B - Virtual size: 832B

/19
Size: 39KB - Virtual size: 38KB

/31
Size: 6KB - Virtual size: 5KB

/45
Size: 5KB - Virtual size: 5KB

/57
Size: 3KB - Virtual size: 2KB

/70
Size: 512B - Virtual size: 302B

/81
Size: 12KB - Virtual size: 11KB

/92
Size: 1KB - Virtual size: 1KB