f4cac7f530910389ded9c795cc13e299[.]bin

Resubmissions

13-11-2024 00:30

241113-atm1gsxjdn 10

08-05-2024 04:01

240508-elpxbshf41 10

Sharing

Copy URL

Twitter E-mail

General

Target

f4cac7f530910389ded9c795cc13e299.bin
Size

1.3MB
MD5

ace3d833346d33f16c3c7e564138f143
SHA1

98e5c3e65a134995a11c280574122b9e82c5ef89
SHA256

7fa1105774c063a3c0018866defb10c010ec23a407de685f0176143e8fcf5c8a
SHA512

f2d21bc600aa6a50320535232751a254cee96c4f2e5ae90dcde8c2dff178184c871bc09e3efdcad9abc3d2f347fedbd37781eee5b82346ee9ec35da3430ffd07
SSDEEP

24576:UYboJ1OjB/yeaUbdsUIYxss3OVmTY41H43S7/L0z03gyJLUn6qEktTWzX:UYboga2pxsBIT11l7/Qz9yc1btTWzX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/ccc029998b00cd29335e0729d852becea2ebe6a9ce2547f963f71da97d07439f.exe

Files

f4cac7f530910389ded9c795cc13e299.bin
.zip

Password: infected
ccc029998b00cd29335e0729d852becea2ebe6a9ce2547f963f71da97d07439f.exe
.exe windows:6 windows x64 arch:x64

Password: infected

5252603393e17c6daba3fab19a2bf814

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetLastError
TryEnterCriticalSection
CreateActCtxA
ActivateActCtx
DeactivateActCtx
CreateThread
SuspendThread
OpenThread
GetModuleHandleA
CreateNamedPipeA
ExitProcess
VirtualAlloc
SetNamedPipeHandleState
GetSystemTime
DeleteCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
HeapAlloc
HeapFree
GetModuleHandleW
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsGetValue
TlsSetValue
FreeLibrary
LoadLibraryExW
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetStringTypeW
RaiseException
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
GetCPInfo
IsValidCodePage
GetOEMCP
GetModuleHandleExW
CloseHandle
SetFilePointerEx
WriteConsoleW
ReadFile
ReadConsoleW
CreateFileW
RtlUnwindEx

Sections

.text
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rotext
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 756KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 599KB - Virtual size: 602KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

5252603393e17c6daba3fab19a2bf814

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 80KB - Virtual size: 80KB

.rotext Size: 18KB - Virtual size: 17KB

.rdata Size: 756KB - Virtual size: 756KB

.data Size: 599KB - Virtual size: 602KB

.pdata Size: 3KB - Virtual size: 2KB

.gfids Size: 512B - Virtual size: 32B

.rodata Size: 512B - Virtual size: 88B

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 80KB - Virtual size: 80KB

.rotext
Size: 18KB - Virtual size: 17KB

.rdata
Size: 756KB - Virtual size: 756KB

.data
Size: 599KB - Virtual size: 602KB

.pdata
Size: 3KB - Virtual size: 2KB

.gfids
Size: 512B - Virtual size: 32B

.rodata
Size: 512B - Virtual size: 88B

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 1KB - Virtual size: 1KB