a801f4da35f25c9a8b0f043abc128a54[.]bin | Triage

Sharing

General

Target

a801f4da35f25c9a8b0f043abc128a54.bin
Size

100KB
MD5

77fcd743a53c50cf933b750f81a7af01
SHA1

dd2968a464361002111e22f235dadb4b8b11e8c2
SHA256

8120f80934a37c960055aa0d50d3bca8bf87d828e9d3dd396698104b82f013d8
SHA512

fc5f181d35a762036b548fdd08107bd38b978b3e6fed7546106aa1946159c01d402b62ed4b7d1770e6d9395da5d3e7df61b6a03e2fee695751d88a04ebdad31d
SSDEEP

1536:dUmrAW4ETqC1TCldf2q/sheF6AJ69FNf7baX+tG+1y4tyReem82wz/6pSn1o:e1YqC1T4fEeFgNjba+eReem10G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1941e332e042b53fcaa1280be497f0f7e4a3301608055b38b4760652c6348d33.dll

Files

a801f4da35f25c9a8b0f043abc128a54.bin
.zip

Password: infected
1941e332e042b53fcaa1280be497f0f7e4a3301608055b38b4760652c6348d33.dll
.dll windows:5 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

plg_init

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 67.6MB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ