Static task: static1
Behavioral task: behavioral1
Sample: 5e33b2113f70189d082a8c87ae822718976c90a84e3a29d55c7acf8f940797f5.exe
Resource: win7-20240903-en
General
Target: 4fc28f8386b849a5633c3b4f97decd24.bin
Size: 1.6MB
MD5: a94c120aab1c61af60cec6edfa650d37
SHA1: 93b8adf236250c9d63e0c6fdb3b6927bef5abedb
SHA256: 87e2c9a4d8eb62d78e1873125842edbb3d329e2f3aa3d7e0eb0e2a609957b87b
SHA512: 9d32a29ac3c36fb6832dc780393c979de4513a388eed756f4f4e926fe3839ba493c5fda87c136db04fd519a81c575e3afd68d8013db611e2ae828098e7f79004
SSDEEP: 24576:gV+cYP4JzcmHQat6szoOKTJBOhj+YnEUrOSl9h0nmsunn3ZF/935teeV1MAAeuxE:gu4aayXTq+Yn3rcmbpPaeTTuPMH
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/5e33b2113f70189d082a8c87ae822718976c90a84e3a29d55c7acf8f940797f5.exe
Files
-
4fc28f8386b849a5633c3b4f97decd24.bin.zip
Password: infected
-
5e33b2113f70189d082a8c87ae822718976c90a84e3a29d55c7acf8f940797f5.exe.exe windows:4 windows x86 arch:x86
Password: infected
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
lstrcpy
Sections
Size: 4KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
hbugmjmx Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
oqogkabg Size: 1024B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE