1d272c9aa998704c62b578a03ea79db0[.]bin | Triage

Sharing

General

Target

1d272c9aa998704c62b578a03ea79db0.bin
Size

1.7MB
MD5

230bafb29f1eb90d6d8e4fd2648641c2
SHA1

b33af0fc061e9c57b91539ecaa1ae6c2e489e294
SHA256

fcd46a31c433d5737c08a4b921a510ad3edeb7baa159509598d913bb336a47aa
SHA512

c2f6b325bbf6dc3c218b4a7ff9ce40bc847a0fbffac91b989b9007433492b7050686df97e9c30664e0d88ed093c47e8acedac7b5aa54838e2492465eceaf5df4
SSDEEP

24576:WRfjN15pfAgd08MzAVxlEJG7EaB0klJ99GGbkC4oUkU+MyL9zfDgrBlS0iNHXr1A:6Rpffo6xL7xB0qJ9oGgbow5Abbr1A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a33b0b0c51bcff2ee0eb94ee480383fbf4971bc723f06c95361b24805d8e4f9a.exe

Files

1d272c9aa998704c62b578a03ea79db0.bin
.zip

Password: infected
a33b0b0c51bcff2ee0eb94ee480383fbf4971bc723f06c95361b24805d8e4f9a.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tbwvchig
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ifkxtoyw
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE