e788e5dd84c8c180b072cce3c16d329d[.]bin | Triage

Sharing

General

Target

e788e5dd84c8c180b072cce3c16d329d.bin
Size

1.7MB
MD5

906f783460fd17dda3320c21832e1e10
SHA1

cfa6caf8337e783abb948b1af2a47a46c1967f25
SHA256

ceb320d8a6f3ae21a9d7f766e7c69ec5885b46c61af687ae929d64483fe59f85
SHA512

ccf13c56cdbdb649298871ff2afe7c6c62e977a9241de810e62dcca42bce24a631b4f5a680efbb52dd3e300896de7cff6a5ef709eda1cafcdd532bf0551f1219
SSDEEP

49152:ZNwqhMWGAKjzC0EMeG4pL7gusnzzwDe42Wq+xzs:ZNhMRAKjzC0r4F7gtz0L2WHQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/01022e210af142ecdfb8f85212aa90f39e1fe326a56e3e9c9ae53ef147b23547.exe

Files

e788e5dd84c8c180b072cce3c16d329d.bin
.zip

Password: infected
01022e210af142ecdfb8f85212aa90f39e1fe326a56e3e9c9ae53ef147b23547.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 416KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qeteftps
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bebockxg
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE