b0ee68bf9701fb4eba040080f4a3a2f0[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b0ee68bf9701fb4eba040080f4a3a2f0.bin
Size

119KB
MD5

b0ee68bf9701fb4eba040080f4a3a2f0
SHA1

f73b82871942939764ad76c48c3715e0e66104cb
SHA256

3c7e29100afba2d8c200e360533a63cf934a17156af1f7696c308469df098c2b
SHA512

b11fa3556a37c14648ab5e51ff8b07de6584324fbc4f1ff16548f8e06f971859e1fb1bdf91620f90dbef5ae9ce68d39737bbc4afbafe3d400c522d5ad3131366
SSDEEP

1536:GqVPY3a+aOGDfZ5Q+a+K7e08fyBetbLK9bHP1LeeN8SqawqnTwwcW//LGRf7vAlK:GllIdDaiNEnmGsu7wSZKC0UHV+8T3F4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b0ee68bf9701fb4eba040080f4a3a2f0.bin

Files

b0ee68bf9701fb4eba040080f4a3a2f0.bin
.exe windows:4 windows x86

b88e94802020e47032f71fe4d76f2313

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitVDM
GetMailslotInfo
CheckTokenMembershipEx
CloseState
SetThreadPriorityBoost
SetConsoleCursorPosition
lstrcpyW
CheckElevation
PrivCopyFileExW
UnmapViewOfFileEx
CreateMutexA
BasepPostSuccessAppXExtension

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE