6f8e78dd0f22b61244bb69827e0dbdc3[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f8e78dd0f22b61244bb69827e0dbdc3.bin
Size

115KB
MD5

0d4105a9a3273ac2b1da46e6605c505c
SHA1

c1a0d083b11b6a9897d5acfd23daa84cdf9b2f90
SHA256

1531d22a1b4ce70a4aa09c4e36f1585442e0d3d9330ad9b6af318958c9c7b438
SHA512

e766b63cfcfbd2d3a6fd5c5599f51174be03efc00ff89144b01109bfdde5fd509854e16255ceaf8432bc2d33c7230aa3d776984a2224d79b2c948dcb3c8d4286
SSDEEP

3072:42URXUcn7euR8IkFT8jTU1gbog/tU80RjTN+Z6khLvM2Tb:1mUc7BDTagbVKjRU0K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a76e49df84ba2a7b33e8ea959995b5e6faecb90d551ef169d8272ce9042c35a5.exe

Files

6f8e78dd0f22b61244bb69827e0dbdc3.bin
.zip

Password: infected
a76e49df84ba2a7b33e8ea959995b5e6faecb90d551ef169d8272ce9042c35a5.exe
.exe windows:5 windows x86 arch:x86

Password: infected

4e06c011d59529bff8e1f1c88254b928

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_mbsstr
memset
_mbsnbcpy

Sections

.text
Size: 114KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 864B

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE