94182f595b2688db6eff8cd45fc6929d[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

94182f595b2688db6eff8cd45fc6929d.bin
Size

2.0MB
MD5

c6ad64e28f4f102fb54b309d27acc6b2
SHA1

c90414da66ba18b4ba42bfacdfd07235ce1a305e
SHA256

e77b7fdf44758b2eeecaa85858bd91c23a4d52a20e15ea2fed68dbe0a01f5faf
SHA512

195cbeb62f0cce2c5629d54c42dc96fea72ff52fc805639969593382bc8563b1488866cdc30ed5f21cf0af16fe9f360d91b2afa9d341434cc53e996690802ad1
SSDEEP

49152:6pP8zm6kS/8JavPcw3QEcyUcMFgPsw8GEo6qt9Y7T:iP8rZFU4QEUcqgEwr6Iy7T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/54457d0453c24e72c1faecce15df7c04f19500bf5c52ba0859a30892f3adab7c.exe

Files

94182f595b2688db6eff8cd45fc6929d.bin
.zip

Password: infected
54457d0453c24e72c1faecce15df7c04f19500bf5c52ba0859a30892f3adab7c.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 607KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sgojdjxv
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wsqazrfk
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE