980a5619f1c858676c7ca39db351c68e[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

980a5619f1c858676c7ca39db351c68e.bin
Size

6.2MB
MD5

6a9c9bae6e034d26a98cc00454721ee3
SHA1

7eef8e52c187f48127e2f5520f555fe242569ea9
SHA256

7d5006f59610646a1911ac4891dbd0bced35ca1e22cac92c191506a4ce64666e
SHA512

ba563f4a85e09a8cfa8168ca4034d9c6746bec2f94b609a5a580d995072621d097ef035c6ad20e1ecc81742e424abfb1b450f3fc09fd0327be3a4bf8c3862aa7
SSDEEP

98304:ILorWY0u1XDmoFTmAymDoPReO/YSCSCwMD+ounzE19GmmeIOuT92Ah+Kp/HlRIw:IjjQX/TtTD3OAX3+X69GmNItTx7Iw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8500ae3e66f33e543208fb43e787a79d1e3b7317258c504c883dc84639defdad.exe

Files

980a5619f1c858676c7ca39db351c68e.bin
.zip

Password: infected
8500ae3e66f33e543208fb43e787a79d1e3b7317258c504c883dc84639defdad.exe
.exe windows:6 windows x86 arch:x86

Password: infected

1dc2ef5640e2ada4382b41ae3f1e1250

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFilePointer
MapViewOfFile
FindResourceW
FreeLibrary
LoadLibraryExW
EnumCalendarInfoW
VerSetConditionMask
WaitNamedPipeA
CreateDirectoryW
GetModuleHandleExW
WaitForSingleObject
WaitForSingleObjectEx
GetSystemTimeAsFileTime
GetWindowsDirectoryA
TlsSetValue
OpenProcess
GetConsoleCP
GetLocaleInfoW
InitializeCriticalSectionAndSpinCount
Sleep
SizeofResource
ReadProcessMemory
CreateEventA
FormatMessageW
GetExitCodeProcess
Beep
MulDiv
TerminateProcess
FileTimeToSystemTime
GetModuleFileNameW
GetTimeZoneInformation
GetOverlappedResult
CompareStringW
MultiByteToWideChar
GlobalUnlock
RaiseException
VerifyVersionInfoW
IsDBCSLeadByteEx
GetDiskFreeSpaceW
FindClose
ResetEvent
GetLocalTime
CreateEventW
QueryDosDeviceW
CreatePipe
GetOEMCP
GetThreadPriority
IsDebuggerPresent
GetStringTypeW
CloseHandle
DeleteFileW
TlsFree
SuspendThread
GlobalMemoryStatus
CreateThread
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
FlushFileBuffers
LCMapStringW
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
VirtualAlloc
FreeLibraryAndExitThread
GetThreadTimes
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
WriteFile
GetFileType
GetStdHandle
GetACP
IsValidCodePage
GetProcessHeap
HeapAlloc
HeapSize
WideCharToMultiByte
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
CreateFileW
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SetThreadPriority
SwitchToThread
SetEvent
GetDateFormatW
VirtualFree
DeleteFileA
OpenFileMappingA
GetCurrentProcessId
FindNextFileW
GetModuleHandleA
EnumResourceTypesW
GetExitCodeThread
GlobalFree
CreateNamedPipeA
GetThreadLocale
WritePrivateProfileStringW
GetStartupInfoW
IsProcessorFeaturePresent
GetFileAttributesA
HeapDestroy
GetVersionExW
LoadLibraryW
GetSystemDirectoryW
GetProcessTimes
SetCommTimeouts
GetCurrentThread
SetCommState
SignalObjectAndWait
SetCommBreak
GetUserDefaultLCID
SetHandleInformation
HeapFree
GetCurrentProcess
GetCommState
SystemTimeToFileTime
SetDllDirectoryW
SetEndOfFile
GetCPInfo
GetDriveTypeW
UnmapViewOfFile
GetLocaleInfoA
EncodePointer
lstrcpyW
ExitProcess
CreateTimerQueue
ExitThread
CreateSemaphoreW
GetProcAddress
GetModuleHandleW
GetTickCount
TlsGetValue
TlsAlloc
SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetCommandLineW
HeapReAlloc
GetLastError
DecodePointer
DeleteCriticalSection
DuplicateHandle
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection

user32

CopyRect
GetMonitorInfoW
SetMenuItemInfoW
GetMessageW
GetSubMenu
GetWindowInfo
GetMenuStringW
DrawTextExW
DrawFocusRect
GetMenu
CheckMenuRadioItem
MessageBoxA
GetWindowTextW
SystemParametersInfoW
GetClassNameW
MonitorFromWindow
DestroyCursor
SendDlgItemMessageW
ShowWindow
GetMenuItemCount
CreateWindowExW
SendMessageW
MapWindowPoints
UpdateWindow
GetDlgCtrlID
GetWindowThreadProcessId
GetWindow
IsRectEmpty
ToUnicode
EndPaint
CharUpperBuffW
CharNextW
RegisterWindowMessageW
IsIconic
GetKeyState
LoadStringA
CharLowerBuffW
EnumWindows
GetDC
InflateRect
LoadMenuW
DrawStateW
CharUpperW
GetDesktopWindow
EnumChildWindows
DrawMenuBar
GetKeyboardType
GetDlgItemTextW
SetWindowTextW
DrawFrameControl
SetDlgItemInt

gdi32

CreateHatchBrush
Polygon
GetRegionData
RectInRegion
SetPolyFillMode
StretchDIBits
GetTextExtentPointW
GetBkColor
CloseEnhMetaFile
SetWindowOrgEx
ExtFloodFill
SetWindowExtEx
GetMetaFileBitsEx
GetRgnBox
PtInRegion
ExtCreateRegion
GetObjectW
GetCharABCWidthsW
CreatePatternBrush
SetViewportExtEx
SetROP2
CreateEnhMetaFileW
SetLayout

comdlg32

GetOpenFileNameW

advapi32

RegSetKeySecurity
SetSecurityDescriptorOwner
StartServiceW
RegQueryInfoKeyW
OpenServiceW
OpenSCManagerW
OpenProcessToken
RegOpenKeyExW
RegConnectRegistryW
QueryServiceStatus
RegGetKeySecurity
RegOpenKeyExA
CloseServiceHandle
AdjustTokenPrivileges

shell32

ShellExecuteW
Shell_NotifyIconW
ExtractIconExW
CommandLineToArgvW
SHGetFileInfoW
ShellExecuteExW

ole32

CoTaskMemFree
CoInitialize

oleaut32

VariantInit
VariantCopy
VariantClear
SafeArrayGetLBound
SafeArrayPtrOfIndex
VariantChangeType
SysReAllocStringLen

Sections

.text
Size: 695KB - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UTZT
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

1dc2ef5640e2ada4382b41ae3f1e1250

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 695KB - Virtual size: 695KB

.data Size: 6.0MB - Virtual size: 6.0MB

.idata Size: 7KB - Virtual size: 6KB

.UTZT Size: 3KB - Virtual size: 2KB

.reloc Size: 13KB - Virtual size: 13KB

.text
Size: 695KB - Virtual size: 695KB

.data
Size: 6.0MB - Virtual size: 6.0MB

.idata
Size: 7KB - Virtual size: 6KB

.UTZT
Size: 3KB - Virtual size: 2KB

.reloc
Size: 13KB - Virtual size: 13KB