9[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9.bin
Size

154KB
MD5

33e5768bac87c460f62d6642fc6ec435
SHA1

2288bc47bfa9d74ce27c818fd1a7b2f67b722ac5
SHA256

98821e827750d69d325fed2866f2fbc015936646a05ff2a633884690405df932
SHA512

159d9cf28d6be189d3c4051d187f2d01629246c2918cd06f95665bbeb503838e539e48879cfd25ac0da9a8249218971e06251dfa9017dfe2b334d57b6396b793
SSDEEP

768:3Mj3SdK3McA5bb5rCdu/uujkDQ4nZ16iJ8jos5:i3jMcAxNrQu/vX8vSjZ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9.bin

Files

9.bin
.dll windows:5 windows x64 arch:x64

c4e6282ffd1ffa097fd4cb2b076f2dae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetProcAddress

wininet

InternetOpenA

Sections

.MPRESS1
Size: 20KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE