d4534ef21b2f4b8ec360905c0ce2614f[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4534ef21b2f4b8ec360905c0ce2614f.bin
Size

120KB
MD5

e1938aa74fcf631f8091a6f0e0880b65
SHA1

a6e14592cc47f122c4d02a9301c578dcfb03c07d
SHA256

2f26f2836baf64ebf15774470bb79633e34ce4e08ee8a3675f8fabc42dd7f14d
SHA512

6ddf1a970845a1b06fafbb1e7f47e3a11642ab3cf0792762ce25e8af4bf46f3df96e8effbf3e9f180d7dca9b8d81c01f48098f7a1086e268b21fb1648a62f632
SSDEEP

3072:w57OKeQC5WxWJMETjZ+6eNOsPtEVfij9gf61Fo2:slNAuWJD3gvEatkUgf6/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b9ff2b1a0f93eae86c8323cd59bdad6b4e94c1bc4a4289632a084a98bc55e2a9.dll

Files

d4534ef21b2f4b8ec360905c0ce2614f.bin
.zip

Password: infected
b9ff2b1a0f93eae86c8323cd59bdad6b4e94c1bc4a4289632a084a98bc55e2a9.dll
.dll windows x86

Password: infected

63bc622ddbb364868c646ebb5f982ffe

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFree
LocalAlloc
DisableThreadLibraryCalls
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

Compress
CreateCompression
CreateDecompression
DeInitCompression
DeInitDecompression
Decompress
DestroyCompression
DestroyDecompression
InitCompression
InitDecompression
ResetCompression
ResetDecompression

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ