1701973cfac8aaecb4ac3d895a0cfd67[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1701973cfac8aaecb4ac3d895a0cfd67.bin
Size

11KB
MD5

f2005099644ed068ed1b95ab42b673cb
SHA1

747433cc75c926f009acd2e30d6a018bd2ddab83
SHA256

e2df80623d063ce20e3dbeb91a78fb0f74c1454bc3053d929258278703918f05
SHA512

e477d848088a97f79f6e91b805bb754562b8ee21eb9f05d0de3b3a125947dd6860ab7129f0705fa61515f9cbedc9228323716184946eaebcd9aefcee930a44a3
SSDEEP

192:ohg0+YjeTuzhy04t2e/KcYJgSHETgzwPiTVMNG3V0oYNW+NUJVxLOlC:ohzzjeCz0t2fpDHYPiTXV0haJVeC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/45be68d373f67d44120f4fdaf17fbc6bfeebc0f65d8776b9431015a55892d3a0.bin

Files

1701973cfac8aaecb4ac3d895a0cfd67.bin
.zip

Password: infected
45be68d373f67d44120f4fdaf17fbc6bfeebc0f65d8776b9431015a55892d3a0.bin
.exe windows:5 windows x86

Password: infected

db206e36db5c9492ce02c61a679129e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
DispatchMessageA
DrawTextA
EndPaint
TranslateMessage
GetMessageA
PostQuitMessage
ShowWindow
UpdateWindow
MoveWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
MessageBoxA
SendMessageA
LoadIconA
DestroyWindow
LoadCursorA
GetClientRect
GetWindowRect

kernel32

GetLastError
lstrcpyA
GetModuleHandleA
GetCommandLineA
DeleteFileA
CloseHandle
CreateFileA

gdi32

DeleteObject
CreateFontIndirectA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ