3540f08b37b30b6c554e0e5ff05a8e97[.]bin | Triage

Sharing

General

Target

3540f08b37b30b6c554e0e5ff05a8e97.bin
Size

4.2MB
MD5

16a5de2f84923105e3777635b4f824bb
SHA1

7aca2f1da3bcf15359a9908c6f2e4fc269adc998
SHA256

dcb43c0257c290b40d10aef8d744a8712337828f76dfd2f72d8cce233005b1c6
SHA512

456d97b79c893b513d9c06b25ac33ad0fb6b80938b27a6b0ec1c71da9ae0a2f402511b6cead930e48d4707cd1986d41cbc863fbdafa8a55e9ae0da12b6efd9c9
SSDEEP

98304:XJZv7J+bJAvbhrU6kQ1GwsszHRDhsb8GlmD/CASz3AHXOGyuF:55t1ZzxtD/Chd/0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/562ab7435cbde0c5528a05f60ce959fa9b428d3378f4d0f5b22f48eb09fe13e6.exe

Files

3540f08b37b30b6c554e0e5ff05a8e97.bin
.zip

Password: infected
562ab7435cbde0c5528a05f60ce959fa9b428d3378f4d0f5b22f48eb09fe13e6.exe
.exe windows:4 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpy

Sections

Size: 2.5MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bgrcdjci
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aezraviv
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE