fa6b75ebc4cf564a1055c63db94bcd64[.]bin | Triage

Sharing

General

Target

fa6b75ebc4cf564a1055c63db94bcd64.bin
Size

2.0MB
MD5

67cceccd3eebcb38a6cc56021ca8d952
SHA1

6d944e86c063a57329fed5c854d651d76b0b973d
SHA256

7dd11bf297b65fb54f4b28b79a416a3ea609ed063bbcb1ea82e59b957352a528
SHA512

e25e84f11a5fad31de4d885ef2071f2d5dde5eeeefcbf92b54592452ec6c44989595be810a8977efbd118454c2edd92bacbe752cac3e35fbab1e1b43cb8d16bc
SSDEEP

49152:13hBAuHHFeQhbvRNfKw/jQf+EAmZvFNppnaLVQoC/cRJrJP:1xBzddnD/jQmEAUv9pOVQo3J1P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e6ca41bc8e9972f791ddc6bb97e6247d0c7f1d0a18f02ec97d2d63dc1f3e3451.exe

Files

fa6b75ebc4cf564a1055c63db94bcd64.bin
.zip

Password: infected
e6ca41bc8e9972f791ddc6bb97e6247d0c7f1d0a18f02ec97d2d63dc1f3e3451.exe
.exe windows:5 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 413KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rxgmnjfm
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

eabqpxxd
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE