54edf2aa8e046fac71327fa0a6252d3c[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54edf2aa8e046fac71327fa0a6252d3c.bin
Size

175KB
MD5

54edf2aa8e046fac71327fa0a6252d3c
SHA1

66fbc42acefc6e28cd93fcb0444b88e75065bad0
SHA256

d4d3c73d047e8eacb2be0162801f1844770164cee5bb74610fad47489ad24e18
SHA512

464082ca98a0f50819ddca93dac4a6375351e06a7a9f14f8fc269168711f20b396e40cc6b42d9151134272303ef266c134dfa1244d60cef8cb6d27a68b158386
SSDEEP

3072:HV8pUJ5Ewv6RU1Ug2WL0KrA+bLWRKiPno0BfaU1VuUbHFaJvQe0RcYGT9p:YUJ5EwYUeN+XYfx4USApe0RcY0p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54edf2aa8e046fac71327fa0a6252d3c.bin

Files

54edf2aa8e046fac71327fa0a6252d3c.bin
.exe windows:4 windows x86 arch:x86

4aaedbd814bc8249a21cd60b6323d4ea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetTapePosition
GetWindowsDirectoryA
ClearCommError
Sleep
GetLocalTime
GetCurrentProcessId
FindClose
EnumResourceNamesA
InterlockedExchange
FatalExit
GetVersion
FindFirstFileA

ole32

ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

winmm

mciSendCommandA
sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

user32

SetCursor
GetDC
GetWindowInfo
SetWindowLongA
GetSysColor
GetWindowLongA
FillRect
SetWindowPos
ReleaseDC
ReleaseCapture
IsWindow
LoadCursorA
GetDlgItem
MoveWindow
SetCapture

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ