8af69184063dee0c01b19ecc0f7e839c[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8af69184063dee0c01b19ecc0f7e839c.bin
Size

55KB
MD5

92d0aea665c9af2ca4feb1529c7ed171
SHA1

8832366720eace0a3ba23079f13de81322f73b90
SHA256

79669c64274d0de470adc69b48bfd685044f402032c982c89d501616fc34af6b
SHA512

a7cd7da3151360981ca7f7e1e48eec6a0d5bc006af57ef5b17e9f5449e03adae834385a90b5e8faa07a2c385ee44d37b48760e2c40c9611af670f67aaafb91e0
SSDEEP

1536:z/M/VtSEoEgrnDlrRk3KXh6gzr+EkA8d8pQ4e3wZV/rX:z/M/rkEQruKXh9zzknd2Q4eg3/z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/41e3cf7e383670798da1639d302f802f35426bfb07ad54ced6192fb0a5e16015.dll

Files

8af69184063dee0c01b19ecc0f7e839c.bin
.zip

Password: infected
41e3cf7e383670798da1639d302f802f35426bfb07ad54ced6192fb0a5e16015.dll
.dll windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 236KB - Virtual size: 236KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ