54a709399811099c297b87684ab59230[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54a709399811099c297b87684ab59230.bin
Size

28KB
MD5

54a709399811099c297b87684ab59230
SHA1

997d8fd3b2133c1b332955553969fdd9ba696900
SHA256

ed8f4fc2e6abc4048f85de164d78f8161713c7fa8b16a9ee0308acdb375a0ff7
SHA512

3153db83cedf1cc9ded30f5686f9bb9f950b02409debc6cc14b19db68506bf65aa6f291d50c652d0ef3d22ecc0c66c5a551048d736a63da4e88c44e92c5feaad
SSDEEP

384:3wiBQdJgrFyURH/mlu1ov3NIUZn7XeB9wCjLdJoEO:3BQdGh/HWSuniXwCjJJoE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54a709399811099c297b87684ab59230.bin

Files

54a709399811099c297b87684ab59230.bin
.exe windows:4 windows x86 arch:x86

2ca3d9b0a0dbd967e07059827536f214

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetModuleHandleA
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
GetModuleFileNameA
GetWindowsDirectoryA
GetProcAddress
CopyFileA
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
GetOEMCP
ExitProcess
TerminateProcess
GetCurrentProcess
HeapReAlloc
GetStartupInfoA
GetCommandLineA
GetVersion
HeapDestroy
HeapCreate
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetStringTypeW

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA

wininet

InternetOpenUrlA
InternetReadFile
InternetCloseHandle
InternetOpenA

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE