9ca88a66e64760c3338dc5c1928c80be[.]bin | Triage

Sharing

General

Target

9ca88a66e64760c3338dc5c1928c80be.bin
Size

1.8MB
MD5

d90ab80f4f1243a0df9e2df458e9dec3
SHA1

b8a87acb7ac30a3369cb73e6bd1dcb818729977c
SHA256

b4717e95fcf1ba56ee5aad0f082868f256f2a18f73ff3c1e437686df0d6c53be
SHA512

8a55f665af359b29d3ca5959d1747a9400a4de60a059d702e9317735bff3b40f3d0e69dd76d3ad45d27ed6418786744cc5e6c14eba10780663d8ba036906e096
SSDEEP

49152:UkOm2ZC0VZ4K14dH6WnS3mJ6wE00zAUkeLMYTI6Q3:HmC0D4K1zWnObzAreLMd6Q3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/29db4d6bce2297d878cfef9b5ffc452dc7299a25b53219fa215cce7f7bdd3910.exe

Files

9ca88a66e64760c3338dc5c1928c80be.bin
.zip

Password: infected
29db4d6bce2297d878cfef9b5ffc452dc7299a25b53219fa215cce7f7bdd3910.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qciekbdd
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xfbccmwq
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE