a916c16724e4aa3eef3839f1647f2b0f[.]bin | Triage

Sharing

General

Target

a916c16724e4aa3eef3839f1647f2b0f.bin
Size

1.7MB
MD5

1769eecb5cc0319ce93ed57c04bf51a7
SHA1

537fa77988c8f962e91fda6e957672bf7a5c899f
SHA256

b62d7a87f7ab009d2c30342422b24fecae4b01ca5028313c088f37bb9fa912b8
SHA512

04beba2ae9d453ac5946618a419901cd91ec08958bed68713a803cac6ead9fc14d430e7975567eab178cb696b24ee921ecd0daf95798cf26c35c5dd4c7f243fc
SSDEEP

24576:1V7luYNlDFUAQ2aoOxS6ziEXVl/BZ/fCBYq3+6Nx1T2eb2CP+Mef9ndouQVh2XPj:vEYLJUANRoz1jLYYW+692eBPW9dM+XfD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/45400639f60d98c903e3942bea79413d9779bb1a62d96ffe1ac621de8dbd3800.exe

Files

a916c16724e4aa3eef3839f1647f2b0f.bin
.zip

Password: infected
45400639f60d98c903e3942bea79413d9779bb1a62d96ffe1ac621de8dbd3800.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yymeftdj
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pisbsuaq
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE