a56e4ddc5dd0e6f0fd17011334868e43[.]bin | Triage

Sharing

General

Target

a56e4ddc5dd0e6f0fd17011334868e43.bin
Size

29.8MB
MD5

44b8b2537ad526e928192cd0f081d1e6
SHA1

2d2027bbe94e08b1da14752cb61e5458f6502e11
SHA256

9455317c587d80f524eaf40bc0bf1c0a374ced979222e91f22a20aae94a44c28
SHA512

9e1a2ee1de574014cf03f084e742d013814290e87607b02ff18d470568bf4d091b33cccdd5cf99f241a0d9bf0511c2f706dd7af05af9d20fa38c625dbfdaf697
SSDEEP

393216:UP+yuYlFnr/R64PJgUOcQoCLXtQbHuGpZhhcEtk2QlCtzKlRowcLoZNhwUF8lsj7:UP5l5Zg+YXtWGSEC4RLgUeaHDf05Tc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f520eb5804ae1b26974fabee5403470f1aa97b837fdd9856b3a5f252199a07f4.exe

Files

a56e4ddc5dd0e6f0fd17011334868e43.bin
.zip

Password: infected
f520eb5804ae1b26974fabee5403470f1aa97b837fdd9856b3a5f252199a07f4.exe
.exe windows:4 windows x64 arch:x64

Password: infected

02549ff92b49cce693542fc9afb10102

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

malloc
memset
_get_pgmptr
getenv
sprintf
__argc
__argv
_environ
_XcptFilter
__set_app_type
_controlfp
__getmainargs
exit

kernel32

Sleep
CreateProcessA
SetUnhandledExceptionFilter

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29.7MB - Virtual size: 29.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ