11c62b8004d4b334202c7e5546ca3b88[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11c62b8004d4b334202c7e5546ca3b88.bin
Size

14.0MB
MD5

6b1f0dc70bae5d3962abde64165d33d6
SHA1

a9907fba5f68af520a2c7db7fee7e0c26d9b9b01
SHA256

76a3e562cadc8653276f9194c63227cc0267c29d023844dcd6060ab4871c29b4
SHA512

e277c8e35780d36ba90a8a1e6a81321a2c7cade9a3eaf540538ea7123dbe0bd4ed4a59bccb4f597f1d466469b778b306c626efe1bb1a3b6c3261d0e5d439b1ec
SSDEEP

393216:qCaFtxdvtMckaU/RgB+Ma0LYqdtklDjMxLQIQY:qCa5d1McEgN/dejQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7056b770005321314ab761af6dcaa312762d1f0b88cbd5d812697a02f612380d.exe

Files

11c62b8004d4b334202c7e5546ca3b88.bin
.zip

Password: infected
7056b770005321314ab761af6dcaa312762d1f0b88cbd5d812697a02f612380d.exe
.exe windows x86

Password: infected

d02a2f25794b88116dec9ed5298f35b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

Sections

.text
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.@>#
Size: - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.N\o
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5;9
Size: 14.7MB - Virtual size: 14.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ