General

  • Target

    9c6a1317b6ddf6c11ec34f3e3240b3c7.bin

  • Size

    90KB

  • MD5

    9c6a1317b6ddf6c11ec34f3e3240b3c7

  • SHA1

    dfe8c4b0bce6a48bf4ed21fdab8c4b5e9c59d2ce

  • SHA256

    947ae5e40254363d6bdf8007a5aaffe43a8fc43c5ae4608192c9ea248459baca

  • SHA512

    7850cd937d85d1efdfb87963571ec9d94d8cc9f840f76a07c5b1d3fb669ec25b644ce1c14c1cdcc9e0c14a4814412e3c9b29b38cf372038499d0f05071187575

  • SSDEEP

    1536:CemCP8Y1B61HXMC6SBizXyTGqymzUr2ovP0aTh/Ld63qSMZNWWZUVVvVSP4hn4vF:rp1BO8IWCGqPzUrTvRdOqSuajoPnF

Score
3/10

Malware Config

Signatures

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 2 IoCs

Files

  • 9c6a1317b6ddf6c11ec34f3e3240b3c7.bin
    .zip

    Password: infected

  • bea95bebec95e0893a845f62e832d7cf.exe.ViR
    .exe windows:4 windows x86 arch:x86

    Password: infected

    7fa974366048f9c551ef45714595665e



  • $TEMP/mcwsazmq.exe
    .exe windows:4 windows x86 arch:x86

    Password: infected

    bb2c8eb3054ba7f3e7e488a127249ddc



  • $TEMP/setup.dat