a40f95c8f424fa4cf03cd7ff2a735c86[.]bin | Triage

Sharing

General

Target

a40f95c8f424fa4cf03cd7ff2a735c86.bin
Size

2.0MB
MD5

ee11520dfbbf28264584b8619f9eeac1
SHA1

d3ef9b55c525e4662903293e02417c5f17a10bb7
SHA256

ca2bc74fdd1d2200e58ae3398f195f42bb7b43bc60fe91757632c7b62bf74444
SHA512

5005d5815df4c2829143cefcbf7ff29ab75a135bc4b8af87b2ce26bc1303997c7658c74cc8980392e2e3b9798ecd8c9450411507504e710da08c06b881d5021b
SSDEEP

49152:uuJKZFvuoqilI2Vv2qWBFqQOMDhlC89TddtY4RYc4/iS70:uuJS2oTlzVvWzjOM1lC89TddOKYc4v0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0c91ff2aaea6a39f39bdebb800c1fccae6bbc572a4a739d050f7829c79bb9c09.exe

Files

a40f95c8f424fa4cf03cd7ff2a735c86.bin
.zip

Password: infected
0c91ff2aaea6a39f39bdebb800c1fccae6bbc572a4a739d050f7829c79bb9c09.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 607KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pfqhzkph
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vcmfkafb
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE