2c619dc0f393021ce9979eccd5ee399f[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2c619dc0f393021ce9979eccd5ee399f.bin
Size

1.7MB
MD5

f0651a2204a1b6c8cee82388245ee632
SHA1

9df64a9df4f61c5463f36a5230fde2b765e8ac86
SHA256

fdf7e1175e11e5d86feeea496bf313c4b77dde476332e849e9531cfa410ba24b
SHA512

1e286653665bf57257c4b0b766c2c20a779e65d2c768c23f513189eadadae74d0ac5e61a3d88554cda0bb0e42f04a17119cd8ddca6db531d2fceba16a0b3c334
SSDEEP

49152:WBgs9goRsFUiX4+aIT6vxcCTvxiFJs6mRCqj2:HsFse+VT6ZDFicw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/26ee9a229826d4a1f0ad36010f4236897d3bfa441cfb03735de25ad4b3bf3456.exe

Files

2c619dc0f393021ce9979eccd5ee399f.bin
.zip

Password: infected
26ee9a229826d4a1f0ad36010f4236897d3bfa441cfb03735de25ad4b3bf3456.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 151KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

phbluaii
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wyucqguc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE