deb3d632d4289a2efb454801f3f26f3f[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

deb3d632d4289a2efb454801f3f26f3f.bin
Size

2.2MB
MD5

d899fe262e6c3133a9bdea1c6b8755a9
SHA1

1547d36c79f032d75abfee2b3a99ca8c55423752
SHA256

da8da8dea2af7b5e3defe88b186b9a05636b73420779a951a4abe0c48432c7a9
SHA512

b195362ff6598421dc08ee1020e286f043304d73e7b9fd34bd7ce21b13e36a66019729d0dd5f42896fcbe11eca99d44100716d8995ba6b14299c74a0b9aa1a87
SSDEEP

49152:fur1pWbeUJV5jiDjpvFKzX0pfvBcBi7yUOqpyGgFoV2:fuWbeo7jiDjx40pfvBmi9Oqpym2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/febd86302b334475fb190bb39f59d8466df092d49373f4ef18a889d10a579230.exe

Files

deb3d632d4289a2efb454801f3f26f3f.bin
.zip

Password: infected
febd86302b334475fb190bb39f59d8466df092d49373f4ef18a889d10a579230.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 680KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hkdvbbje
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hzawtfya
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE