1d8aa539e51f53e5364cd0dc2724982b[.]bin | Triage

Sharing

General

Target

1d8aa539e51f53e5364cd0dc2724982b.bin
Size

81KB
MD5

1d8aa539e51f53e5364cd0dc2724982b
SHA1

5dd0a69b38fe19356d6188b933f30d723e208924
SHA256

d25f8cbebe34a56baa844b8e811acc7192168af01ff5d6a5559556d80a1cf3f7
SHA512

3b82bda9bfa2aa0274245387a2e101eb1b7eca9f0d9547e0ddb03c9e74bab1fe17b9337b413a35fbb207e81fb7cb95e825decbfb0e20c6ed0aa7e2565f39dd5d
SSDEEP

1536:K39eHfH1lvjPBQdUODjrlfDfRWeR+IxcShclXJ:K3s/1lPCdJDjrlfseR+GcShchJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1d8aa539e51f53e5364cd0dc2724982b.bin

Files

1d8aa539e51f53e5364cd0dc2724982b.bin
.exe windows:4 windows x86 arch:x86

bcf12a4aece931a56cac41ebd9ee39d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
LocalAlloc
LocalFree
GetLastError
GetProcAddress
LoadLibraryA
FreeLibrary
VirtualFree
VirtualAlloc
lstrcpyA
GetSystemDirectoryA
SetLastError
lstrcatA
GetWindowsDirectoryA
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetCurrentDirectoryA
GetModuleFileNameA
ExitProcess
CreateMutexA
CreateFileA
WriteFile
WinExec
CloseHandle

user32

GetClassLongA
GetForegroundWindow
GetDesktopWindow
ShowWindow
GetClassNameA

advapi32

RegCloseKey
RegCreateKeyA
RegSetValueExA

setupapi

SetupDiCallClassInstaller
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiGetINFClassA

msvcrt

strlen
strncpy
memset
_mbscmp

Sections

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE