b1428cca95bff0b76ab62397d02df9e3[.]bin | Triage

Sharing

General

Target

b1428cca95bff0b76ab62397d02df9e3.bin
Size

1.6MB
MD5

2c343ba40f4b75c35819ddbab6b0712d
SHA1

54d70c2a577f4c6f2e086b5b3bf20579d3e36298
SHA256

ea9afef33914cff056122c3a3aef3017633dca6669d441760649aa71999825ba
SHA512

4362ae7306037c5ae81374f1954cb622c018f7cd7fbc4f15946b6dd86a7a0a76f3dad1a8dc624a7d291b707c999a65631358c9f6d197c78fd107434af00877d3
SSDEEP

24576:gensxOLaqMAVR4hnhns2fl1LLiv2QVztSzMu+U575ZUNpz3OAD1e4GPMia65x46S:gAskMK6n42QbDU575ZUP+ADRri5X49d5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/329ec550d7912b296ae2936bb392f56d16ac2dcde22a9101a1332e119a164c99.exe

Files

b1428cca95bff0b76ab62397d02df9e3.bin
.zip

Password: infected
329ec550d7912b296ae2936bb392f56d16ac2dcde22a9101a1332e119a164c99.exe
.exe windows:4 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

Sections

Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yqwybcoz
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oyenvmkj
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE