bfe8dd445dd77bb3694f0ce5feb8741d[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfe8dd445dd77bb3694f0ce5feb8741d.bin
Size

168KB
MD5

1564cb43b9c5c8abb2ffbceb540300de
SHA1

0c6afeff0b12bad44d8118019a180bd4a8fbcf56
SHA256

c758047fccd93979d07f9745c99f84b7571ba1daf5baada97cf93b2f6ed1ad55
SHA512

0bb49ee565897fde222c46d71184e7676a0dc4e32af253a451c160f7a1694b89ddc32cc550fcdd44433b0f93c36b866418edb6def4324374a91bac16466bee9b
SSDEEP

3072:AWEluRfWtMxILjnBr7biu/EriL50abXHCcb9t2d7F+Cfw+UdGxDSO:AmRfZIBr31/NVbXHC69tqJWZ0FR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fb973b744b6fda7b7316ebfdd50c6fd8a9976047695347143c15525b37834b46.exe

Files

bfe8dd445dd77bb3694f0ce5feb8741d.bin
.zip

Password: infected
fb973b744b6fda7b7316ebfdd50c6fd8a9976047695347143c15525b37834b46.exe
.exe windows:5 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.nyert
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 347KB - Virtual size: 349KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qnnuy
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE