Static task
static1
Behavioral task
behavioral1
Sample
5fd5ada405ab028dd8f6c7a6ab44cca681b0ceb29d5834a1b23278a02cd8143e.exe
Resource
win7-20230220-en
General
Target
0d861d0d9fb971c7b9008c411492949b.bin
Size
98KB
MD5
c127b4bfac332442b2f081e0b1e577c7
SHA1
180d82c2f267d58fd0ca5f4c146cdeba323c586f
SHA256
cd811accce7566539371ddb87d41814cf02b4d6432fdf2ce80a0cc209751c176
SHA512
a8b0a1444cc888263e9807c5a1c8b50f63b0597a066e3897e76924a628dd2293a8ce8e5f0c903c5ea9b7fc3e3db05d5d52efbe2ec4f466405ff11828aa00d4ba
SSDEEP
1536:LM49RlIc8Jus7o+8AgW3pz0y9P1nQqC3iGCdSmqYFM4evkstepEg2K:LBP8Ju0oPnmp9FC3ifdMtMfpEBK
Malware Config
Signatures
Files
0d861d0d9fb971c7b9008c411492949b.bin.zip
Password: infected
5fd5ada405ab028dd8f6c7a6ab44cca681b0ceb29d5834a1b23278a02cd8143e.exe.exe windows x86
Password: infected
7a2ee1b3c8005ec1e8a1b134e603e891
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersion
DeleteFileA
WriteConsoleW
DeleteFileA
GetModuleHandleW
GetProcessHeap
GetModuleHandleA
Heap32Next
GetStringTypeW
SetFilePointer
HeapFree
GetExitCodeProcess
CreateFileMappingW
GetProcessHeap
GetLastError
GetACP
SetCurrentDirectoryA
HeapCreate
GetShortPathNameW
DeleteFileA
GetStringTypeW
SetEnvironmentVariableA
GetConsoleTitleA
mstscax
DllCanUnloadNow
DllGetTscCtlVer
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dataz Size: 109KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rs Size: 1024B - Virtual size: 544B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ