4be144e00cac43d4f322b6a9baca9dad[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4be144e00cac43d4f322b6a9baca9dad.bin
Size

2.3MB
MD5

e8ea7a7283c55b14d6990e31f35c789d
SHA1

a415d9e45cfcd32fe0c4132068f1645b8c80d990
SHA256

e57112a134bb93af30233339509b7f704aa01423a819d21eaf0ad50e2e693aa9
SHA512

5d200fb631a091def00423a8e8b59513a24ff67419dc2bcf11d5afa4fc1a7724911164896c34ff0df13699d4757bd71ebb0dc45de2f7f0971f71d7e7d6b79f01
SSDEEP

49152:U5mi21qwKP7QopEaZfmUW6q6/wQV5fIKeOi/9B2ollvOtu:ImswKPEo5rqu8KAK8lH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/494c0daeef7a371cd33bc775b703b740eeaa463ff13fff51ef869fa958f003e4.exe

Files

4be144e00cac43d4f322b6a9baca9dad.bin
.zip

Password: infected
494c0daeef7a371cd33bc775b703b740eeaa463ff13fff51ef869fa958f003e4.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 685KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

adtzreci
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mqxphuvd
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE