f401f240c068bac2c47c4beb9446d2a0[.]bin | Triage

Sharing

General

Target

f401f240c068bac2c47c4beb9446d2a0.bin
Size

1.8MB
MD5

cc0b33f7094281bfea8bbacd95e94cb1
SHA1

135d9ada6d0b89fb0bf29d3dd050f66096e40c8a
SHA256

c4a9acea6274b87336a5c654f5c0d5755a4131cbbd7f9985d53fd1cd2ebaa307
SHA512

2d36fca99ec1be6ddba13bf2f3156c7d302a4cd9c73ef3e4b503ce7b384b39bb84b1efec3a0b06ddec64e578765ae359cc61b0cdc17503ec732154561083835d
SSDEEP

49152:aVS5QAEyt6z/b/AKLGzlngW96itpKYSToNYmh02j:gS5QAHte/bIuCgW9btpXSUNdh02j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3ca467dad80a62f640093dcf65b29e413820c24288e3ac5dbfb4ca7639dd55d4.exe

Files

f401f240c068bac2c47c4beb9446d2a0.bin
.zip

Password: infected
3ca467dad80a62f640093dcf65b29e413820c24288e3ac5dbfb4ca7639dd55d4.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 416KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

isvciprd
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bfywzfjw
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE