54e892fd00361b19f526bcd9f30714ae[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54e892fd00361b19f526bcd9f30714ae.bin
Size

240KB
MD5

54e892fd00361b19f526bcd9f30714ae
SHA1

3923f8f69ea24770387193ea03e7c83747d8e5b3
SHA256

90683cdfd25b93b962e23c4ff1d1ccd8f0ce7085801b175fed27a00f036c97b0
SHA512

5cbffc6dacc25ae6ca482f6839c940b5d24c36922908e6bb32fb06d4b6301ee2260502cae28c580f8c58ede9ab6c1c7dc914d788d3cdda64b2bb1c962b6ac5a6
SSDEEP

6144:0+xEOvSpl0Jv7Nw/Y+FCsqm5YCmFEG28eU3:0D6Td+F9qmcQ8eU3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54e892fd00361b19f526bcd9f30714ae.bin

Files

54e892fd00361b19f526bcd9f30714ae.bin
.dll windows:4 windows x86 arch:x86

4fee747e0f5d4a3df3d5a8bd5ea48543

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileMappingA
CreateThread
ExitProcess
ExitThread
FatalAppExitA
FindClose
FindFirstFileA
GetACP
GetCommandLineA
GetConsoleCP
GetCurrentThread
GetCurrentThreadId
GetDateFormatA
GetModuleHandleA
GetProcessHeap
GetUserDefaultLCID
GetVersionExA
GlobalAddAtomA
GlobalUnlock
HeapAlloc
HeapCreate
InterlockedIncrement
LocalFree
SizeofResource
WriteConsoleA
lstrcpyA
lstrcpynA
lstrlenA

advapi32

GetTrusteeTypeA
LsaAddPrivilegesToAccount
SetServiceBits
CryptDuplicateHash

msvcrt

__getmainargs
wcslen
__set_app_type
isdigit
__p__commode
_cexit
exit

ole32

CoMarshalInterThreadInterfaceInStream
CoLoadLibrary
CoInstall
IsEqualGUID

ddraw

DirectDrawEnumerateW
DirectDrawEnumerateExW

crypt32

CryptStringToBinaryA
CryptSignMessageWithKey
CertFreeCertificateChain

Exports

Exports

UnregisterDriveChangeCallback

Sections

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ