84c9aff3def393001920b3fef66f3e80[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

84c9aff3def393001920b3fef66f3e80.bin
Size

1.5MB
MD5

52906e3c8fdd5cd46a06332f308c764e
SHA1

9d1ae36752ba6f643febf28066fa12360c62c108
SHA256

52e9128fa57dc0bb34494f7ad82190e008daeb6004f53c50735e75b974d240de
SHA512

d3902dcb5e18af4a29c331c43333daa5a41d68e7d1cc9b059e56a340acaf15f202f72e8a72e6b4e5b40ef8ec8ea6edbb63e984cf5e17721041cd696a58893ccb
SSDEEP

49152:3hfY7M0+Yj1UqqkIEJQR9AarxeNmOfPdWymGQ:RF0buqqkFQR+aEfH8yI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a7cc83ed15ec456788b60419e06bcc92e18f0a42a88239ede8b94cb754d3dc94.exe

Files

84c9aff3def393001920b3fef66f3e80.bin
.zip

Password: infected
a7cc83ed15ec456788b60419e06bcc92e18f0a42a88239ede8b94cb754d3dc94.exe
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ