f9fc06f0cc64b6a700eda6fd6d816df3[.]bin | Triage

Sharing

General

Target

f9fc06f0cc64b6a700eda6fd6d816df3.bin
Size

2.3MB
MD5

55f8334aee2f59a8e65080eefeaca4e2
SHA1

4b8e8e36fa03039b67a848a3809528004a37eff2
SHA256

a8c90474f2c37d040561672d47f903f352c220481fe12d085bb762df903e0229
SHA512

d80fdee2bd0e8152b1c3fe29d3bf5828910210cdb4e083ec10ee743cebb4d5e1a7ac0384f267f380872ab1c760ffd46ce97694a6c6c0921a644cc4f3dab53b04
SSDEEP

49152:N8+m7x3ErsnegHhjPRdHhUcWacWDfZBqNn8sZlbi:W+wuIe2ZJdHhUBacWfZ8B8idi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/590ebd6f2bb5735659f13faa2fa92c8520918affd39f9878a6bf648f05e0e8f5.exe

Files

f9fc06f0cc64b6a700eda6fd6d816df3.bin
.zip

Password: infected
590ebd6f2bb5735659f13faa2fa92c8520918affd39f9878a6bf648f05e0e8f5.exe
.exe windows:6 windows x86 arch:x86

Password: infected

8e037c5edb507011bc10ab16654e5d05

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

ole32

CoCreateInstance

oleaut32

SysAllocString

user32

CloseClipboard

gdi32

BitBlt

Sections

.text
Size: - Virtual size: 237KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp@²�
Size: - Virtual size: 1004KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp@²�
Size: 1024B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp@²�
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ