54a2097406c626d0c3d2a6244deae68f[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54a2097406c626d0c3d2a6244deae68f.bin
Size

414KB
MD5

54a2097406c626d0c3d2a6244deae68f
SHA1

7749139efcdfd9d81fc84f6f2240ee9a5f53b12d
SHA256

43a2f45ecf812c1957e43369f8ebc2bdd2047d67fe17a114349f74ea3ee0f027
SHA512

1e892df6718332fdd7a5542b941b8123c05bd07e06a4049120026e8d1d2c83fd1e1573d799c6313dd94022f07c4a16bd357f0f9f70d60ff8b3f56c17eb29e53c
SSDEEP

6144:+bS4GUo3zaYniyxRervRLzdXlPQWCQGAKyiJEf80aQriQxNYgkr:+tGJjHnXRiz5lPQQWTIZM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54a2097406c626d0c3d2a6244deae68f.bin

Files

54a2097406c626d0c3d2a6244deae68f.bin
.exe windows:4 windows x86 arch:x86

daa4fda7cad81f8e9bd268fc71b9b33c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
ResumeThread
GetStartupInfoA
Sleep
SetEvent
lstrlenW
HeapCreate
GetModuleFileNameW
CloseHandle
ResetEvent
GetModuleHandleA
GetTimeFormatA
GetCommandLineA
VirtualQueryEx
CloseHandle
OpenMutexW
CreateEventA
FindResourceA
DeleteFileW
GetCommandLineA

user32

CreateIcon
IsWindow
GetClassInfoA
IsZoomed
DispatchMessageA
DispatchMessageA
FindWindowA
CallWindowProcW
GetWindowLongA
DestroyMenu
GetSysColor
PeekMessageA
DrawTextW

ntlanman

NPOpenEnum
NPOpenEnum
NPOpenEnum
NPOpenEnum

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ