b386c525abc472db2fdce63471a0b178439cbda1a2e1726689cf3ffc745a0a4f[.]bin[.]sample | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b386c525abc472db2fdce63471a0b178439cbda1a2e1726689cf3ffc745a0a4f.bin.sample
Size

148KB
MD5

75d9fe553076f83d40065de79670b0b3
SHA1

f191fa45e9c668eb296c7981459d100c964119d0
SHA256

b386c525abc472db2fdce63471a0b178439cbda1a2e1726689cf3ffc745a0a4f
SHA512

cb196cbe307459b154be1800331ddad02c9595a0dff5afb2fd161f448ec284304f38cc12e48435f524ed9e5e1a50cacb1c638459a052693c2bfacbba5cb97c9f
SSDEEP

1536:rpfzdtgABuYKmToggjrjA1+gxsqxsqxsqxsqxsqxsqxs3xskr:ZdtgOuYKmT+PssTRRRRRRqkr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b386c525abc472db2fdce63471a0b178439cbda1a2e1726689cf3ffc745a0a4f.bin.sample

Files

b386c525abc472db2fdce63471a0b178439cbda1a2e1726689cf3ffc745a0a4f.bin.sample
.exe windows x86

78a40fa2b6e8e6ffc84257a53849d05b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PostMessageA
DispatchMessageW
MessageBoxA
LoadStringW
GetPropA
GetClassLongA
IsCharUpperA
DrawStateW
IsDialogMessageW
LoadMenuW
CreateDesktopW
LoadIconA
LoadCursorA

kernel32

WaitForSingleObject
GetCurrentProcess
GetModuleHandleW
GetFileAttributesA
FindNextFileA
GetTempPathW
GetModuleFileNameA
IsBadReadPtr
GetExpandedNameW
GetCurrentThread
LoadLibraryA
GetProfileSectionA
GetProcAddress
GetStringTypeA
WaitNamedPipeA
LeaveCriticalSection
GetConsoleAliasW
SearchPathW
GetLogicalDriveStringsA

odbctrac

TraceSQLCancel
TraceSQLError

cfgmgr32

CMP_Report_LogOn
CM_Add_IDA
CM_Add_Range
CMP_Init_Detection

modemui

drvSetDefaultCommConfigA
CountryRunOnce

Sections

.text
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ