Bitcoin miners[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

Bitcoin miners.zip
Size

1.4MB
MD5

e4c9fb7d5ab54817a6ddeefaca3294c3
SHA1

43b10ca575a389afa4a0245f9588c24fa07b9102
SHA256

ae68e63b240f7b29aab1498c501aa7250dbcda1186cc5ecec06751dff7076947
SHA512

b041850592e2b5dfd972cf6967473f347f94eaaf1739620b048b12821821c5c273c1e3ece7fa4643b0931c1a64660912c158323ca1d88c05978036862ec6d54e
SSDEEP

24576:l8537bAM/pMlFchQvy1WHQ1M+0xjPOTItU+hMAH/CnIg6Xog9yc8ubIVqLvrQNT:l8ZbUvcCvykw1MwTSM8CGjJzbeqrrCT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/02ca4397da55b3175aaa1ad2c99981e792f66151.bin

Files

Bitcoin miners.zip
.zip
Bitcoin miners/02ca4397da55b3175aaa1ad2c99981e792f66151.zip
.zip

Password: infected
02ca4397da55b3175aaa1ad2c99981e792f66151.bin
.exe windows:4 windows x86 arch:x86

87e83bda436138fd7844ecd76decc70d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

wininet

FtpFindFirstFileA
FtpGetFileA
FtpOpenFileA
FtpPutFileA
InternetCloseHandle
InternetConnectA
InternetFindNextFileA
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetSetOptionA

kernel32

AddAtomA
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
DeleteFileA
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsA
FindAtomA
FindResourceA
GetAtomNameA
GetCommandLineA
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetStartupInfoA
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
InterlockedDecrement
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadResource
LockResource
QueryPerformanceCounter
QueryPerformanceFrequency
ReleaseMutex
ReleaseSemaphore
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WriteFile

msvcrt

_write
__getmainargs
__p__environ
__p__fmode
__set_app_type
_beginthread
_beginthreadex
_cexit
_endthread
_endthreadex
_ftime
_iob
_onexit
_setjmp
_setmode
abort
atexit
calloc
exit
fclose
fopen
fprintf
fputc
fputs
free
fscanf
fwrite
longjmp
malloc
memcmp
memcpy
memmove
memset
printf
rand
realloc
signal
sprintf
srand
strcmp
strcpy
strlen
strncpy
strstr
vfprintf

shell32

ShellExecuteA

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

87e83bda436138fd7844ecd76decc70d

Headers

File Characteristics

Imports

wininet

kernel32

msvcrt

shell32

Sections

.text Size: 78KB - Virtual size: 77KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 10KB - Virtual size: 10KB

.eh_fram Size: 1024B - Virtual size: 1016B

.bss Size: - Virtual size: 18KB

.idata Size: 3KB - Virtual size: 3KB

.CRT Size: 512B - Virtual size: 28B

.tls Size: 512B - Virtual size: 32B

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.text
Size: 78KB - Virtual size: 77KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 10KB - Virtual size: 10KB

.eh_fram
Size: 1024B - Virtual size: 1016B

.bss
Size: - Virtual size: 18KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 28B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1.4MB - Virtual size: 1.4MB