9f4f298bcf1d208bd3ce3907cfb28480[.]bin | Triage

Sharing

General

Target

9f4f298bcf1d208bd3ce3907cfb28480.bin
Size

7.6MB
MD5

c3236e8da8f4a2f3720d04da4e3a893f
SHA1

ea0124bdb1c779d460177c7bd47362d2a13880e2
SHA256

2a595063599d972c30892ee4933c34967b7af01c4042476ae5e99399a539bce4
SHA512

9dbd4d9bb285921144078c9f4d4199a85295cde2c31bf1d6110035e5a45d037ae26f7b4049bf6f5da0de455948c16943bd65ccad961d885b2435ff9b3a367587
SSDEEP

196608:p1mMlrqXqmqvA5QW+t4K31pp5MV7HkMKvg9bg:rmMtqXUpW+OK31pbMlHLYh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bf7057293d871cac087daab42daf22c1737a1df6adc7b7963989658f3b65f4cc.exe

Files

9f4f298bcf1d208bd3ce3907cfb28480.bin
.zip

Password: infected
bf7057293d871cac087daab42daf22c1737a1df6adc7b7963989658f3b65f4cc.exe
.exe windows:4 windows x86 arch:x86

Password: infected

d5d9d937853db8b666bd4b525813d7bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameA

kernel32

LockResource
lstrlenA
CloseHandle
CreateFileA
ExitProcess
FindResourceA
FreeResource
GetCommandLineA
GetEnvironmentVariableA
GetFileSize
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemDirectoryA
GetTempPathA
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
HeapAlloc
HeapFree
LoadLibraryA
LoadResource
lstrcpynA
RtlMoveMemory
SetFileAttributesA
SizeofResource
WriteFile
lstrcatA
lstrcpyA

user32

CreateWindowExA
DefWindowProcA
DispatchMessageA
GetMessageA
LoadCursorA
LoadIconA
MessageBoxA
PostQuitMessage
RegisterClassExA
SendMessageA
ShowWindow
TranslateMessage
UpdateWindow

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7.7MB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE