01b3d7a48cecc3785474309a26c5159e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01b3d7a48cecc3785474309a26c5159e.bin
Size

2KB
MD5

528d92b2ea64e68a6f1557306eb8d063
SHA1

3dd3ff168a8ee5e2905143a101dc60556b93801b
SHA256

5684f9db722ada9d99f84449a90f48e7025391c205e7b5c91640737abb54cf78
SHA512

e436ed09084770d817d83ceaf106fed52e25f921d85381be6187045e67ba0cedabf6765483717a2421d8c23d7d022fa7e853123892dc8cd0579fd76d4aba6838

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6d850091bb6346bae710a6a108042581af08846227cdeb60e2bba84e9a87cc90.exe

Files

01b3d7a48cecc3785474309a26c5159e.bin
.zip

Password: infected
6d850091bb6346bae710a6a108042581af08846227cdeb60e2bba84e9a87cc90.exe
.exe windows:4 windows x86

Password: infected

188377d57cba9a2758b975ed26e9137f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadMenuA
PostQuitMessage
RegisterClassExA
ReleaseDC
MessageBoxA
PeekMessageA
ShowWindow
TranslateMessage
UpdateWindow
LoadIconA
LoadCursorA
GetSystemMetrics
GetDC
GetClientRect
FillRect
DispatchMessageA
DefWindowProcA
CreateWindowExA
SetMenu
SetWindowTextA

kernel32

LoadLibraryA
GetTickCount
GetProcAddress
ExitProcess

gdi32

SetPixel
GetStockObject

advapi32

CryptReleaseContext
CryptGenRandom
CryptAcquireContextA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE