a907d2e6edda829467a10bc8a87cb76f[.]bin | Triage

Sharing

General

Target

a907d2e6edda829467a10bc8a87cb76f.bin
Size

120KB
MD5

15ebe7afdc36479faee8f0709738e44b
SHA1

36991196cdbbe25a0cb24b24b853a934c0bf0d43
SHA256

6ec1d547a57cfa6dc84c3361d354cd916d40ff5a8a1ddfe14d8694a71232c161
SHA512

ec1cc44341bf8e1ae5b1704c6fa7576f09251a1edb645b5ef3dbeac26274a3ecb1df95023e9a8b34ea0d95ea6fc7e611786e5f74a201dd57f6162fef2eefa091
SSDEEP

3072:3TwxH44b1wP6TkIlkIUvzOkCcT4gSDzYJSjF+L1KK:DIb2PulfUbOkRMNlj8L1KK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0822d4c51c466544072ac07dd5c2dbf4143431fb6955a05911600fed50d0229a.exe

Files

a907d2e6edda829467a10bc8a87cb76f.bin
.zip

Password: infected
0822d4c51c466544072ac07dd5c2dbf4143431fb6955a05911600fed50d0229a.exe
.exe windows:6 windows x64 arch:x64

Password: infected

1efa1310f9268b62f071617d0730aefa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileA
CloseHandle
GetComputerNameA
GetLastError
GetCurrentDirectoryA
FindFirstFileA
FindNextFileA
GetCurrentThreadId
LockFile
UnlockFile
OpenFileMappingA
CreateNamedPipeA
WaitNamedPipeA
ExitProcess
VirtualAlloc
GetLocalTime

opengl32

glNewList

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 444B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ