Win1[.]0[.]iso

Resubmissions

23-11-2024 04:03

241123-emmtcsxqes 3

23-11-2024 04:01

241123-elnz2atpgr 3

Sharing

Copy URL

Twitter E-mail

General

Target

Win1.0.iso
Size

3.7MB
MD5

c1eaacbe8c08b99359e479bcfe7ea81a
SHA1

1b142c02e846a2bf4aca61f1bde9de728e80d063
SHA256

fbac1dec32c78b793c4917c6688129303f60da9be7f5c6933aeb63f8d8a3569f
SHA512

2013d931e95be244e15d8fecc1c82e9b02f8672d9d3d2ee229c4e13c5a9433867885b75e82370fff1f6a8681ba9763c42c1d9cf9ba2dd0af67b39786237f5cfa
SSDEEP

98304:a7bVhb+fdhN0kze15dfcFhYzmLN0kzeh5dfcFhYzy:aXVEN0kzebd6hY20kzeHd6hYm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/mkisofs.exe

Files

Win1.0.iso
.iso
out.iso
.iso
CREAISO.BAT
Wf.IMA
[BOOT]/Boot-NoEmul.img
a.cfg
b.cfg
boot.catalog
c.cfg
chain.c32
comm.msg
cpu.cfg
d.cfg
default.cfg
e.cfg
f.cfg
g.cfg
hdd.cfg
help.msg
home.png
.png
isolinux.bin
isolinux.cfg
livecd.sgn
memdisk
memt.cfg
menu.c32
mkisofs.exe
.exe windows:1 windows x86 arch:x86

d1cba1642a707c41d8ddcb4ae998f783

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharUpperA

kernel32

CloseHandle
CreateEventA
CreateFileA
DeleteFileA
DosDateTimeToFileTime
ExitProcess
FileTimeToDosDateTime
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetCurrentDirectoryA
GetCurrentThreadId
GetEnvironmentStrings
GetFileAttributesA
GetFileType
GetFullPathNameA
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStdHandle
GetTimeZoneInformation
GetVersion
LoadLibraryA
LocalFileTimeToFileTime
MultiByteToWideChar
ReadConsoleInputA
ReadFile
SetConsoleCtrlHandler
SetConsoleMode
SetCurrentDirectoryA
SetEnvironmentVariableA
SetEnvironmentVariableW
SetFileApisToOEM
SetFilePointer
SetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteFile

Sections

AUTO
Size: 98KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DGROUP
Size: 40KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 56KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
null
prova.cfg
reboot.c32
sd.ima
sdue.cfg
sf.png
.png
sfa.cfg
sfn.cfg
stre.cfg
supp.msg
vesamenu.c32

Resubmissions

Sharing

General

Malware Config

Signatures

Files

d1cba1642a707c41d8ddcb4ae998f783

Headers

File Characteristics

Imports

user32

kernel32

Sections

AUTO Size: 98KB - Virtual size:

.idata Size: 2KB - Virtual size:

DGROUP Size: 40KB - Virtual size:

.bss Size: 56KB - Virtual size:

.reloc Size: 7KB - Virtual size:

AUTO
Size: 98KB - Virtual size:

.idata
Size: 2KB - Virtual size:

DGROUP
Size: 40KB - Virtual size:

.bss
Size: 56KB - Virtual size:

.reloc
Size: 7KB - Virtual size: