99fb5a0e5dffc90153c2e4c226cfd4cc[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99fb5a0e5dffc90153c2e4c226cfd4cc.bin
Size

3.0MB
MD5

8a54b9904bd85f51c849ec233bc753d1
SHA1

68d3288ca0f874aa1d077c8aff7f100d93150cc3
SHA256

08f0e60f1403c38d07d5e93945dcae52738e8332c9ec0af8cbc0b1375cad5144
SHA512

ba779c01139938205d30405633742ba463a4144aab57d759dabcca853d9708c7424c103d3a21d96fca1d1cd4b9aead14c81a78aa258e536bd4dc1d7ea9e91b44
SSDEEP

49152:VgJeNQXv6BYf8bA0fAxAAJOL17fDFsKZllu6xXz1Tqd3QPrtfpdjAYFStKxXtY6p:keO660b6xTJU1rxs4llu6B1oQPrtX9Fj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6a6412d8144185daee699dd5de22bb3bea46b2433cb4e45fd3ae4577831ce54a.exe

Files

99fb5a0e5dffc90153c2e4c226cfd4cc.bin
.zip

Password: infected
6a6412d8144185daee699dd5de22bb3bea46b2433cb4e45fd3ae4577831ce54a.exe
.exe windows x86

Password: infected

a2a3e6d4fc968e1e65b99fc8b576cc36

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

memcpy

user32

GetProcessWindowStation

Sections

.MPRESS1
Size: 2.9MB - Virtual size: 7.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE