60ff905c123e47fb9c8fd00dd924c080[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60ff905c123e47fb9c8fd00dd924c080.bin
Size

119KB
MD5

60ff905c123e47fb9c8fd00dd924c080
SHA1

a0036dfd88ac1c37abcd47170c22528d70d135f7
SHA256

5390fb40ce1fa633a2011dda582b7811de8f541c4378d925658ecaca3c145615
SHA512

09125fbda8c854a8acbfa90c047ee542a149a737c2a91c838bc4324ef0ff885d8cf199d221c0e81597d44a08bc1a8224bdcffadbe1056566e291f62581221584
SSDEEP

3072:rSNN1HLuP83ITC3+4JnCOVYXIIAHFbTeQIUekyc0rz:eP16asg+v1YIAHFAkyc0v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60ff905c123e47fb9c8fd00dd924c080.bin

Files

60ff905c123e47fb9c8fd00dd924c080.bin
.exe windows:4 windows x86

4c2862d0b7068cff8edc415b67cd8c22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetXStateFeaturesMask
GetProcessIoCounters
GetTempPathA
GetApplicationRecoveryCallbackWorker
CreateHardLinkW
RegEnumValueW
InstallELAMCertificateInfo
ZombifyActCtxWorker
BaseFlushAppcompatCacheWorker

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE