44d2d87fccae6236b0ca82141e169a23[.]bin | Triage

Sharing

General

Target

44d2d87fccae6236b0ca82141e169a23.bin
Size

1.8MB
MD5

a4c85f62c643c72cb78b69ae01157c95
SHA1

cb000a722f583d6d1a7bc950c86f01899b51ad0b
SHA256

598e6ebeae391bb9db9256a66f9f7698386a8e6fb5e83eb15f922b3902f04bd2
SHA512

a197eb17e43cd623f0b6d4f808b4d787c4566caf51c1e0a9d7e887810644146ce960a113c077f30389e467fd2b7499f49585e02549381de615e5cf1e6291b696
SSDEEP

49152:Y0x7YQ2aW4FRguEn2v2SPuNxIkLVWOmJb2hIqY/k:YQYQFFR9q2zuNx74Jb2Kqgk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/85d2e1dbbcd7f16fe0fddf6955bfd310ffdfe172ea43a976d86db8d385552f41.exe

Files

44d2d87fccae6236b0ca82141e169a23.bin
.zip

Password: infected
85d2e1dbbcd7f16fe0fddf6955bfd310ffdfe172ea43a976d86db8d385552f41.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

snnpbjgr
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vgpzafpg
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE