726ea3752d7be7a823de84c9ad74a701[.]bin

Sharing

Copy URL Twitter E-mail

General

Target

726ea3752d7be7a823de84c9ad74a701.bin
Size

7.4MB
MD5

043c12f143bbfda4221c5f4a3dbde8dd
SHA1

e871cdeed113a140907a513abb6b49acddf66d6f
SHA256

e0c2e19a50b3a28f2b42f646fd3c72d3d99124d69bf76d70de1580f6555dae9b
SHA512

9658bfb67f201a2465dbdb629cc675244fc972828c22990cf4721b5d1508b1b8eadff25e46ce04eb0d3e081503456b5c9f5b530c1e395c6e38be619db827aa9e
SSDEEP

196608:IjKgSWWMnftjD7soAtYVPjFuBjMQ24R17wo08Lk5CS0F:Ij9WKN4WrNQXLMofLk5Bq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8ad9c65fe68db82d81a269d5f6e5cfd31e8c9fe7671dec0cf1bacbad6be0c323.exe

Files

726ea3752d7be7a823de84c9ad74a701.bin
.zip

Password: infected
8ad9c65fe68db82d81a269d5f6e5cfd31e8c9fe7671dec0cf1bacbad6be0c323.exe
.exe windows:6 windows x86 arch:x86

Password: infected

39d5c04458acdb2fecb1fc360743ee8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
WriteConsoleW
WerSetFlags
WerGetFlags
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
TlsAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
RaiseFailFastException
QueryPerformanceFrequency
QueryPerformanceCounter
PostQueuedCompletionStatus
LoadLibraryW
LoadLibraryExW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetErrorMode
GetEnvironmentStringsW
GetCurrentThreadId
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 9.3MB - Virtual size: 9.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10.7MB - Virtual size: 10.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 543KB - Virtual size: 769KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 513KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.idata
.rdata
.reloc
.rsrc/GROUP_ICON/103
.rsrc/ICON/1.ico
.rsrc/ICON/2.ico
.rsrc/ICON/3.ico
.rsrc/ICON/4
.png

Password: infected
.rsrc/ICON/5.ico
.rsrc/ICON/6.ico
.rsrc/ICON/7.ico
.rsrc/ICON/8.ico
.rsrc/MANIFEST/1
.xml
.rsrc/version.txt
.symtab
.text

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

39d5c04458acdb2fecb1fc360743ee8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 9.3MB - Virtual size: 9.3MB

.rdata Size: 10.7MB - Virtual size: 10.7MB

.data Size: 543KB - Virtual size: 769KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 513KB - Virtual size: 512KB

.symtab Size: 512B - Virtual size: 4B

.rsrc Size: 152KB - Virtual size: 151KB

Password: infected

.text
Size: 9.3MB - Virtual size: 9.3MB

.rdata
Size: 10.7MB - Virtual size: 10.7MB

.data
Size: 543KB - Virtual size: 769KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 513KB - Virtual size: 512KB

.symtab
Size: 512B - Virtual size: 4B

.rsrc
Size: 152KB - Virtual size: 151KB