e514a3dcdacfa7f4dda1f14cbb41ba94[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e514a3dcdacfa7f4dda1f14cbb41ba94.bin
Size

1.8MB
MD5

2471b7e330aee8d5e30d3a0d8fafd93a
SHA1

761facdc48f04b72de093309c8dc93045538a14b
SHA256

b37698f394c4cd8ab02d2e4d305100d872eadf777a98df59738aceea785c77ce
SHA512

56e2b0d05c141c5ee8dc0ae30b5b756d05438af8c9a5bc8863c6eb0066bb4a4c8925ef8502a8cb11e8a64758c3e3caf9a7ebf5d02125375447a402e64f132f5f
SSDEEP

49152:MSbKERUfqgsmpW+Se8/PJlzHvH3vlCyqkqKIER0sAHEFjuoJmzS:MovUiPmE+QPbEtKIkAcFJf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d30b5b0e8c5a0e5dd3c4191e05aacf42c4e46781872097f7acb2f148539e174b.dll

Files

e514a3dcdacfa7f4dda1f14cbb41ba94.bin
.zip

Password: infected
d30b5b0e8c5a0e5dd3c4191e05aacf42c4e46781872097f7acb2f148539e174b.dll
.dll windows:6 windows x86 arch:x86

Password: infected

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 204KB - Virtual size: 440KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vuwncdlk
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zuprpofh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE