4f0e8ec3172a6a6c7087c977cb682051[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f0e8ec3172a6a6c7087c977cb682051.bin
Size

109KB
MD5

4f0e8ec3172a6a6c7087c977cb682051
SHA1

5a7942b9d00fbaff8862712e174f2677a6068858
SHA256

3d107527887963c3b951300dd470a639c2a702238f523147efb03150807e9f1d
SHA512

1d7b295223171ac324c00c543850fc6f2be2018ae38208c0c53e2a9217dfa7b7bf36c8327f4b8ee35112d13d41e208463b72d45653557719f543d280dfa74eb6
SSDEEP

1536:W5qLLkdDAcoNyoKiAkD4TTWfFBwohiYc4Ov25Jh2HO/2mnIZWeBwOIZJ2Bw8rqUV:0AcaLKiAkcQc4Ov25JouedcN8e13I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f0e8ec3172a6a6c7087c977cb682051.bin

Files

4f0e8ec3172a6a6c7087c977cb682051.bin
.exe windows:5 windows x86 arch:x86

88be507dc04a7a74fdb89048c193153b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

advapi32

CryptAcquireContextW
CryptCreateHash
CryptReleaseContext
DuplicateTokenEx
RegCloseKey
RegDeleteValueA
RegQueryValueExA

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
SHDeleteKeyA
StrStrW
wnsprintfA
wnsprintfW
wvnsprintfW

user32

CloseDesktop
GetClassNameA
GetDlgItemTextA
GetForegroundWindow
LoadCursorA
PeekMessageA
SetMenuItemInfoW

Sections

.odwbwb
Size: 45KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.uvarab
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gridgb
Size: 6KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ