b280cc4e78a7bff8d072713f8b4beb29[.]bin

Sharing

Copy URL

Twitter E-mail

General

Target

b280cc4e78a7bff8d072713f8b4beb29.bin
Size

2.0MB
MD5

868a4850f14b324e6f1682491c124730
SHA1

0b295345910509be64f0333f90d5c9fe63bf4311
SHA256

9533919643c9ba9f98177f54a24eb89c092266ee83c1237ee485d46fd3bca3b9
SHA512

c323c2b8dab0df74d8c91ef3a8de9810e349740f5dfa421a77a17fa469bd9c0af3d289e0ac39c7fb862bc4a91e5e33b5c83d73004c2fda5946a10c29ab616be7
SSDEEP

49152:NjXsWhOq9oL2MR80h8aAAmpl+43PyCf2WY2hB7pThJHDJ3cS1RbUHNAtK:ZX5h/CL2EGbUgkWY2/HFV1RbUStK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/ae3ae350218998f35fe4582d010844c4f62490af30af438c1735e5037d115fc1.exe

Files

b280cc4e78a7bff8d072713f8b4beb29.bin
.zip

Password: infected
ae3ae350218998f35fe4582d010844c4f62490af30af438c1735e5037d115fc1.exe
.exe windows:4 windows x64 arch:x64

df9a7bc1c6c6cd97d04c3762fdde6719

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CreateSemaphoreW
DeleteCriticalSection
EnterCriticalSection
GetLastError
GetModuleFileNameW
GetStartupInfoW
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
ReleaseSemaphore
SetLastError
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__iob_func
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_amsg_exit
_assert
_cexit
_commode
_errno
_fmode
_initterm
_onexit
_wcmdln
_wcsicmp
_wgetenv
abort
calloc
exit
fprintf
fputwc
free
fwprintf
fwrite
localeconv
malloc
memcpy
memset
realloc
signal
strerror
strlen
strncmp
vfprintf
wcscat
wcscpy
wcslen
wcsncmp
wcsstr

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

df9a7bc1c6c6cd97d04c3762fdde6719

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 42KB - Virtual size: 41KB

.data Size: 2.0MB - Virtual size: 2.0MB

.rdata Size: 4KB - Virtual size: 3KB

.pdata Size: 2KB - Virtual size: 1KB

.xdata Size: 2KB - Virtual size: 1KB

.bss Size: - Virtual size: 3KB

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1024B - Virtual size: 904B

.reloc Size: 512B - Virtual size: 140B

.text
Size: 42KB - Virtual size: 41KB

.data
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 4KB - Virtual size: 3KB

.pdata
Size: 2KB - Virtual size: 1KB

.xdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 512B - Virtual size: 140B