2166383d715f3ab9499f1ba34f9d4f4e[.]bin | Triage

Resubmissions

27/06/2023, 16:18

230627-tr3spseg96 5

17/06/2023, 01:01

230617-bc75rshe77 5

Sharing

General

Target

2166383d715f3ab9499f1ba34f9d4f4e.bin
Size

373KB
MD5

2375f25f340effdb521b16328e1b4f29
SHA1

3894147fe7aff27cc9ebcad6d0250eef9e037b59
SHA256

89e79c93bea4853af4c5ea8408d4fd0103dbad18e1467c2b27a0673c887175c2
SHA512

f0c82c2ba1fe69a61ddd31190d60222265f948181b27b8417d22acbdecf6f9c6db1812d2e4e5935805e1d792d06b07c0f770daffa88223476d505406d087f1c6
SSDEEP

6144:WZP2V+HyjvVcUG3cpS64oWqJvhC5oUmNNQTrI6RDHbFIoPAEYKEyi1Z9:WNSjva6t/d8bmbqrI6RDHDdEyOD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e75305a8faf628d6539eff7fee2855b3b35dd737772343b2ca82fcc174c8fb5d.exe

Files

2166383d715f3ab9499f1ba34f9d4f4e.bin
.zip

Password: infected
e75305a8faf628d6539eff7fee2855b3b35dd737772343b2ca82fcc174c8fb5d.exe
.exe windows x86

Password: infected

262b81a7f42857110a67ee29e798726c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
HeapCreate
SetEvent
ResetEvent
WaitForSingleObject
CreateMutexW
CreateEventW
GetVersion
CreateTimerQueue
GetModuleHandleA
DeleteAtom
AddAtomW
FindAtomW
GetAtomNameW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 394B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 442KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ