69028d86ffdb8a59a9127b47dfb0ab38[.]bin | Triage

Sharing

General

Target

69028d86ffdb8a59a9127b47dfb0ab38.bin
Size

1.7MB
MD5

a314a4d3c7b1e055588d1f2c5c769747
SHA1

f7950489bfbc7457741a774d9d0bdbb346066176
SHA256

ced416c4e61e9d2ac5646c0ecf12a763e7767fd2f8507e74ceb2b6dfb9a0ae73
SHA512

166755b4f6af7dfe8b61a771df82e6f1b9e2543e591a57d2cb97f08a455a6ef6f336fad29668da30915b0d8d570f21b27734f2ea0aff410799c1dc00006d2955
SSDEEP

49152:P5PFDAE2v+jWAf7pryO8AYegCmd9A9lYGx0cNF:teGWY7p6eg9+ac/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c006fc45ccd90fd47319f6aa0ee4694d8b17e4fd35b237ada54db1cc649b0367.exe

Files

69028d86ffdb8a59a9127b47dfb0ab38.bin
.zip

Password: infected
c006fc45ccd90fd47319f6aa0ee4694d8b17e4fd35b237ada54db1cc649b0367.exe
.exe windows:5 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 88KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tuzmcqki
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

anvpcsen
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE