aabb54951546132e70a8e9f02bf8b5ba[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aabb54951546132e70a8e9f02bf8b5ba.bin
Size

1.1MB
MD5

166bd14069cd9c1682c17ce6a9b049b0
SHA1

0877ddcef8b7746eab636ccc53584983ef8f9c8c
SHA256

1120065682bd8ce9ef953f5bd82b799f73722cd4b3c0ff6738d1f7984fd1529b
SHA512

aa22d6e8d3c2faab2804ca2f59a1edf370168b3f077114f9a0cd87b9eb7e2dbb5ced2c23fcba8e2e77adef375b5258fa31dca3ee6460f75d33e9baf21e1542d2
SSDEEP

24576:giqdQKGaUfY1bIl6JGPYPJuEtp6z2vU0nSZsInAmjHL22C4kpL0:4ABfYCUAPYPJuEtp6zx0n8sInNtRkpL0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1cc4fab54263dfa842c80a72b78a9c223894264b9b4f25263d8fdc2f69def8a1.exe

Files

aabb54951546132e70a8e9f02bf8b5ba.bin
.zip

Password: infected
1cc4fab54263dfa842c80a72b78a9c223894264b9b4f25263d8fdc2f69def8a1.exe
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 495KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 604KB - Virtual size: 608KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE