ffc40c13789292372ba1e3dbe57a8f98[.]bin | Triage

Sharing

General

Target

ffc40c13789292372ba1e3dbe57a8f98.bin
Size

3.3MB
MD5

9ad3e3d42cd8bd451e16a362658fc74f
SHA1

54bf373d20c11c6a9acd2c5a2aff2d29cdbe0f18
SHA256

3b08c0bf59dee045ad9806283fc13bb12d81815b37494f5909303ce7ad212592
SHA512

16ac6463e1c73b77499a6d1a9d9dccef2e100fdd8a9c731c95b09131e8169815bfd1fed55ad1456d839a87076cb852c2ba557dcaba4edfe62b2a6917ceb629c1
SSDEEP

49152:2J88HshuPa0+9Jrul8wkN/16rxP5Fu/TZKOD10i4W+3VDpZGcwql8qoAI:2JpGuPsjrovauvu/VR0iEl9Zxl8UI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0c7aaf640120bd6ee174f9a5db14dd22c689815b3a0965bb951de5a52ca896d4.exe

Files

ffc40c13789292372ba1e3dbe57a8f98.bin
.zip

Password: infected
0c7aaf640120bd6ee174f9a5db14dd22c689815b3a0965bb951de5a52ca896d4.exe
.exe windows:1 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ