66c5e0c64ddf6ad48c7269660e882ea5[.]bin | Triage

Sharing

General

Target

66c5e0c64ddf6ad48c7269660e882ea5.bin
Size

1.4MB
MD5

b3fca7d337539bb1d1e8f434c730acee
SHA1

50fdbd56e76b80a5b95726c32dd234ab2796a0a8
SHA256

169063c8e7c36107b33fc6dc6c9816173336e4b5faafc62519a5b646c3984e51
SHA512

b9431934705b588c0729c7901275640c181166ee004246e5c791130839d325e496305124d85ed14a6869ed98072a5833cae95a70553f9af9f855010bb5613fbd
SSDEEP

24576:68m/OO522dIggE8ldHCympyv4Qc+zYAJkXbDXGrTcm2zcg7lLV9qrVhbIGXDYFaz:hm/OgLdlWHCDpyv4/+MAJkLDWkm2zcg2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1ded59a79c592a70a138f44b71118e2a7f86663902557cf6b8a109989ea53c7d.exe

Files

66c5e0c64ddf6ad48c7269660e882ea5.bin
.zip

Password: infected
1ded59a79c592a70a138f44b71118e2a7f86663902557cf6b8a109989ea53c7d.exe
.exe windows:4 windows x86

Password: infected

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 672KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 832KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pmjhmtqv
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yscbunbz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE