dacb6afa5908efaf23db4f9d408edd93[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dacb6afa5908efaf23db4f9d408edd93.bin
Size

1.1MB
MD5

7b8d81ed3506fe2eeb87bfb50a56b24d
SHA1

cca2372ae467481fb2fb5eeb053640209ed3a806
SHA256

195112f7ab50f9f96f45f58616b9d13ace1919b1cfb5ac0890eb8df4066b6bb4
SHA512

c052f9316a51c87f870c736ecb3c2c4104929b46e4980ced6f162bd1940be6b24db2f4af5282689036a216913ac2d36925e0d3dac153772c33a96e5a35b827a3
SSDEEP

24576:e8dLBArIFBm6k4SYUl27Q5YIv3Vg+igNNuOS2X5kbGb2beCAX0:e8d9ZBLkjr0MvRigNNpMjj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/492ea6fcffa80e669e2834185ad00ab9d16bda2e6087cf0933027195220c9f32.exe

Files

dacb6afa5908efaf23db4f9d408edd93.bin
.zip

Password: infected
492ea6fcffa80e669e2834185ad00ab9d16bda2e6087cf0933027195220c9f32.exe
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ