0113cac7a38778ccfae308d692a8f97e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0113cac7a38778ccfae308d692a8f97e.bin
Size

122KB
MD5

a9b697b1e9ddfb2298784a6b983fc1f5
SHA1

49ccf5e5adc9d1d6223dbf4fd0a798554a713e04
SHA256

ad71ca0d18227d8a86f4bd7b017ae7b20b4ce64cc0694ae7376911f349621c47
SHA512

e5f37bb935744b16fb482abe351ee1c2fd5f38fd010f0fd20afabcc52b0d68b8ffdba59c6a4eb6885aa7f31d4d261ef7d77e01305e83acf36607e4181604882f
SSDEEP

3072:Wf54Bof8CuZ8/KLsr3BvU1YsKuhFhKNiuEQtd:TBAN/WszBM5h3K4O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9c424b748b00bee01b053a341972d17ef1f340e875d8d12523f5a1cb4dad12ab.dll

Files

0113cac7a38778ccfae308d692a8f97e.bin
.zip

Password: infected
9c424b748b00bee01b053a341972d17ef1f340e875d8d12523f5a1cb4dad12ab.dll
.dll windows:4 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ