52a2ab6d4b61080c63af5cdc22e60167[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

52a2ab6d4b61080c63af5cdc22e60167.bin
Size

2.0MB
MD5

b34d6410fd0fa2fd746bc50836c2546e
SHA1

4f1fad6a01ff14d0578be89d155cc3727542bdaf
SHA256

965d3f3aae4f3b1ec22eaa9333fdef5cdfb4c62f80155c4b248e4ab59bcbe3dc
SHA512

af72f46a88b90710236f0d15aaa8a56c04818a50849e5a826983cae9f38673ef7ec79e901ae56e6e570ade7b38a796ebc6ff479bafad165011094240c6ebd5d7
SSDEEP

49152:K9nyhU50nHvnGwhp7P9224bfOP+wNPcwxOmJeIhgJvvz+fOQ:/U50nHZp7FELOP+wNP7Om89hzJQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d36320a5a5285ab39a11b86c1a4c09f17417e7ff36c974e667c3205810f97e1f.exe

Files

52a2ab6d4b61080c63af5cdc22e60167.bin
.zip

Password: infected
d36320a5a5285ab39a11b86c1a4c09f17417e7ff36c974e667c3205810f97e1f.exe
.exe windows:5 windows x64 arch:x64

Password: infected

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 416KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vakkurrp
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

egbdqnrl
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ