e7a7f0d3b1f3b713d3d342171769f780[.]bin | Triage

Sharing

General

Target

e7a7f0d3b1f3b713d3d342171769f780.bin
Size

1.8MB
MD5

cc0f18129937810d156df0a287f8d852
SHA1

91f709b79d87809c9ff19260e303d2398f5be448
SHA256

078c8a330409751c5062d2da8096743024ea0b997d1623cfc768d580e1f41c7d
SHA512

79c10f8af53d0c42263be2ee1eb327bf612f36822032a549bf9271579e446970156a7db51e9bc197fea196f757657645818266e98e05db8e115359bb8520ebf6
SSDEEP

49152:jP8rHdSIKJcyg1/CGcqCme8uiO3/9nTeptKZm4xw9:jErHdSX7aCme8vq/1e+1x6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5bc1d9c794966dabffe65b6ebd02b93b9be33164e98ed44d5606b3e01a70d03b.exe

Files

e7a7f0d3b1f3b713d3d342171769f780.bin
.zip

Password: infected
5bc1d9c794966dabffe65b6ebd02b93b9be33164e98ed44d5606b3e01a70d03b.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 182KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dlywuysb
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hfssunlm
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE