6fd0926a8817fede28372c309be1ec41[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fd0926a8817fede28372c309be1ec41.bin
Size

8.4MB
MD5

40e8ff8578095578d298e3b84251376d
SHA1

94d56c6e4377cc6ec9896cadeaaff7c169fad718
SHA256

2536d015c50eb4334d46254508e201d32ab5be0bb5b1c2f5d700d72101fdd274
SHA512

832ef50fe0ef591091523b9aa33d7d0dbe17c111e0df914f8b44d24f832aea6386241dd57d53b070d46cb19c14a07a977f64ba4b4c4f669768a1b93f3a4bbbb9
SSDEEP

196608:3oY1dr6zQQ4KmKHKNUbF0e9UEkRRHR3cL02hq1scSFLSIot/:Ne0zxSKeGz3cLVq1sca9w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b9d131247fa8488311afe5da12d699c984cbbf71ba7edf8b560d11c18ea9872c.exe

Files

6fd0926a8817fede28372c309be1ec41.bin
.zip

Password: infected
b9d131247fa8488311afe5da12d699c984cbbf71ba7edf8b560d11c18ea9872c.exe
.exe windows x64

Password: infected

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 6.7MB - Virtual size: 9.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

spcmthlz
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mefxxwdj
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ