ff9e637c32fe8adf2ea4111e2ca90ae7[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff9e637c32fe8adf2ea4111e2ca90ae7.bin
Size

1.9MB
MD5

76615f37e8b9041106881f158a004335
SHA1

248dd18f54ede88c12bf62e591166ebc52f7a736
SHA256

33ca16bd760bdc515fa1aac1942048280587621ad24ff14520df3c2651810f55
SHA512

3adcd001c22c6258f5cb0303bb2d5d191570d9a6d3d591e2786c57b204429180d1792bc81b2174f51b4728d9a4345bed83bae5c109ab8d0db7ea08caaa85f5bf
SSDEEP

49152:AfHzWx7Ysv3h0NAsPVKhE/65td3U/jMTLPEvdI33PvaGv+bzRyectMFHGL:yHCdfv3h0AsPgTJmMTL8FI33Pvi3W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/be65a0b0c6c457eefa3746d05f00a8d96c61b4d6d3a3ceddd5dcb10f3fe1f151.exe

Files

ff9e637c32fe8adf2ea4111e2ca90ae7.bin
.zip

Password: infected
be65a0b0c6c457eefa3746d05f00a8d96c61b4d6d3a3ceddd5dcb10f3fe1f151.exe
.exe windows:6 windows x86 arch:x86

Password: infected

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 607KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ydbqokpn
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qeydtgca
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE