6642fe7a022ca1d124d391333e1e2010[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6642fe7a022ca1d124d391333e1e2010.bin
Size

119KB
MD5

6642fe7a022ca1d124d391333e1e2010
SHA1

4ed03ed4b98293b9f381560eecc101ed65653ee4
SHA256

2e04d8f3dbd49e3190ce46002be9a31815d178c9969dccaa2aebaeafd2136c89
SHA512

5b9d97a304b8fbbaf574c440fefd4f13f1ae704af84ede2a223ec94c3870e8c65ac0127518adf20bf1de6c69e749a035a96d3e4191cd1416b545d396758dbf48
SSDEEP

3072:rG7v1fzXtwmwjJDW27usSgIm2Z/wAZI6GtiFwm66K9KacQog:2v1fJp0JDGZB5Zh5uiFM6jacQog

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6642fe7a022ca1d124d391333e1e2010.bin

Files

6642fe7a022ca1d124d391333e1e2010.bin
.exe windows:4 windows x86 arch:x86

d3c7aed71ea5a84cc1c504d93f8ca846

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringW
CreateDirectoryTransactedW
GetProcessTimes
GetExitCodeProcess
UnlockFileEx
CreateIoCompletionPort
HeapWalk
IsValidLocale
CreateEnclave
WerGetFlagsWorker
EnumUILanguagesW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE