97afd57d502142b25e514abaed520f1e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97afd57d502142b25e514abaed520f1e.bin
Size

186KB
MD5

97afd57d502142b25e514abaed520f1e
SHA1

b4834fe0b8fae6153cfb427da12b22510b7196c8
SHA256

b87ab4c63a714d2b10be49204eac4944f3e389afaa65ef2683bdded4ef5a6765
SHA512

b678dc32c33f638dbdc08d1b3580c5124560f867f2d59f53cfffd5b38dd6f97790b3a0a28925dd4fd972abede540cce99c6ea5d78e7c3f47adf2b81cefbe8c4c
SSDEEP

3072:WhSXZ/PuSxXoQsgnHw67cgl2k7dVMyNBcAsaKuk/8pY+t4WZbpAHBn5utJ9jj9vx:3JPusXoQsUjc9YMyNuAeuS4Y+tl3Vhe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97afd57d502142b25e514abaed520f1e.bin

Files

97afd57d502142b25e514abaed520f1e.bin
.exe windows:4 windows x86 arch:x86

6d92ceae88250aaa477d4e125dff555b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

GetHGlobalFromILockBytes
CoTaskMemFree
StringFromGUID2

imm32

ImmAssociateContext

kernel32

SetProcessPriorityBoost
GlobalAlloc
CreateFileW
GlobalLock
CreateProcessW
InterlockedIncrement
GetModuleFileNameW
WriteFile
ReadFile
TerminateThread
EnumResourceTypesA
CreateEventW
InterlockedDecrement
GetModuleHandleW
Sleep
DeleteCriticalSection
GlobalUnlock

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 692B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ