Static task: static1
Behavioral task: behavioral1
Sample: 4f437f42f396b42c28698a98c3b7400b2e48eb0ce5a3d374be42aa8a83096743.exe
Resource: win7-20240221-en
General
Target: 5abcc2dc51912559915c6034a9096de9.bin
Size: 1.9MB
MD5: a3d0cc2f3414dccbeecc391df2504b74
SHA1: 57dce1d33a02f0f1a518afb83dc5cdc147fcfd1d
SHA256: efa1861cfc48b869916dc4a6ba85b0fe80f3fc859751d6fe795e3bc197028575
SHA512: 54f0c166637e8eb9b39fdc84fb5ce8dde05e1901084b0a431ea81e301aa07d90eb19bce0d23f5d853bb08e7181c25806ee5a5616b334420addb91e2d306b3932
SSDEEP: 49152:sTy5CaDEjwni27MO/PyQMYeWB6KEydfq/7o5NSgExFYjX+fQ9:WUHtniq9/PCf2Fdfq/85kgeFYow
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/4f437f42f396b42c28698a98c3b7400b2e48eb0ce5a3d374be42aa8a83096743.exe
Files
5abcc2dc51912559915c6034a9096de9.bin.zip
Password: infected
4f437f42f396b42c28698a98c3b7400b2e48eb0ce5a3d374be42aa8a83096743.exe.exe windows:6 windows x86 arch:x86
Password: infected
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 607KB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
qhxscinx Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
dqrqqyix Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE