56f0996fb350d6dc97ed9bc2ffc9208a[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56f0996fb350d6dc97ed9bc2ffc9208a.bin
Size

19.0MB
MD5

36840c42c367a7b236f24977dea14693
SHA1

0218782038f64bca3059dd5466e4f46132e8d357
SHA256

0572f82c57c8219228e1d8ac7387d0d97b2512e266bdae6c97b90ecec7d1c62e
SHA512

187ee74d1bed4fc67f4ecfcd36f596b113e87074065b2f1e7a54dbf301657561f995be75436c947c9255f316b7c04c02af5166f9f33ba57fa03bbc9d5547d94f
SSDEEP

393216:j10R7WoERDXjD/XsTHngvj+8vFEV59U1ULEdtHtZrSuQa:j1G9EdXjzsTH1BfIULEdttka

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e979268197499119f4d54d0d91b4fa73c5556ce67be105aac9eb2197178acabd.exe

Files

56f0996fb350d6dc97ed9bc2ffc9208a.bin
.zip

Password: infected
e979268197499119f4d54d0d91b4fa73c5556ce67be105aac9eb2197178acabd.exe
.exe windows:6 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

bitsdojo_window_api

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.enigma1
Size: 34.9MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 696KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE