d122c989fe69f0912e7fb2aa838d6eb83995c86b6986f7b9e20fbea287e91ed4[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d122c989fe69f0912e7fb2aa838d6eb83995c86b6986f7b9e20fbea287e91ed4.bin
Size

146KB
MD5

b3fa9e293c8a1886076f9bcb6e418373
SHA1

edeca3d9be67fe3e643b8d0e8456c327d119b2c7
SHA256

d122c989fe69f0912e7fb2aa838d6eb83995c86b6986f7b9e20fbea287e91ed4
SHA512

9f789b8f21c108ee16cc2ef34c74d09c564ea5a50fd59e93675543a4905ed81d5fb6dfe9f939fa3347bc6804fb1da499c362abed05dfabed6b2388da6ed952b8
SSDEEP

3072:t7fL6ADhJ1luf+5Di2/m7V2vVPuYK5gQFF0ZQ:RfL6AlEF7V2sYK5rL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d122c989fe69f0912e7fb2aa838d6eb83995c86b6986f7b9e20fbea287e91ed4.bin

Files

d122c989fe69f0912e7fb2aa838d6eb83995c86b6986f7b9e20fbea287e91ed4.bin
.exe windows:1 windows x86

6af1922a02b6a44b6a0820a60299381b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RtlUnwind
GetEnvironmentStringsW
ExpandEnvironmentStringsA
QueryPerformanceFrequency
UnmapViewOfFile
GetVersion
HeapCreate
InitializeCriticalSection
SetEndOfFile
ReadProcessMemory
DeviceIoControl
GetFileTime
LoadLibraryW
ReadFile
GetExitCodeThread
GetStartupInfoA
HeapFree
SetThreadAffinityMask
Sleep
CloseHandle
WriteConsoleA
CreateFileA
MultiByteToWideChar
GetModuleHandleA
LCMapStringA

msvcrt

__setusermatherr
memcpy
_get_heap_handle
__set_app_type
_getdrives
iswascii
_purecall
_wenviron
_adjust_fdiv
_i64tow
_outpw
_XcptFilter
_initterm
_except_handler3
_exit
_wfreopen
_scalb
_scwprintf
fclose
exit
_rmdir
isupper
_controlfp
_mbsnset
__getmainargs
memset
__p__fmode
_acmdln
_wperror
log
__p__commode
_ctime64
_close
bsearch
_fsopen
sscanf
_makepath
_wrename

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ