5166f546a52d33cf24a27e2c9e560bf3[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5166f546a52d33cf24a27e2c9e560bf3.bin
Size

6.7MB
MD5

ca29f6857273c72b84d50de7e30a3b71
SHA1

4de73335f8c2636c0cf2a6c88bc59afc8f3f1e3e
SHA256

5d8c25a5fd561acfb9a3d56e7ed73dddb4fbb228c6957cb019036e953e69baa6
SHA512

ea3e56ae6300269fabc9110108ed958a3b4fbf49e98edb52c998e0a09cfc97f1597a06fb892f68f9a11bca42a2182d69253bd2173308a02ca6ba489ff1e8912b
SSDEEP

196608:gJH7hJ1EUc2qrnqEk7V/OtQr4cBROJZsfh:mH7FwrCV/i+4cBoHsZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a080de20aa321af83e8570c5bf58f3f3644b043d807a3acabed4e546eb49a6c2.exe

Files

5166f546a52d33cf24a27e2c9e560bf3.bin
.zip

Password: infected
a080de20aa321af83e8570c5bf58f3f3644b043d807a3acabed4e546eb49a6c2.exe
.exe windows:1 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ