13771c2026634d63ce9e48ded71b0583[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13771c2026634d63ce9e48ded71b0583.bin
Size

2.9MB
MD5

a553e5b8b770a631e8e5e821f3197995
SHA1

e1ebfb1dad6fc5507c006c86cb1bdb8c6ec279bc
SHA256

5a5d10f8590c3e0ccffb944cb52a6f2fd862c4ca469bd6b169e3f4e92320a104
SHA512

f5388bbcc27eef05028753445b72b980a74e40a9cf932d6c569278d50a4508a5777a07c95ab99264f2d16563c486c34c0706bc7b2819c9aa33658e958f20baaa
SSDEEP

49152:Eo39nz+MrVp7/fXpTLVEo9nuTmVIInmRky6TssKkgZ6+Bts9sjoMHZC:rhz577/RTJ79nuXOw6TukgZb2uoMHZC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/828b638222b770227fa83dd07c28c2636edef9005262052852da2840c1745f77.exe

Files

13771c2026634d63ce9e48ded71b0583.bin
.zip

Password: infected
828b638222b770227fa83dd07c28c2636edef9005262052852da2840c1745f77.exe
.exe windows:4 windows x86 arch:x86

Password: infected

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.4MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 118KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jototksx
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hhvaqlzb
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE