5bb3677a298d7977d73c2d47b805b9c3[.]bin | Triage

Sharing

General

Target

5bb3677a298d7977d73c2d47b805b9c3.bin
Size

4.7MB
MD5

3fdc239813459c375e68e5b5c7910bf6
SHA1

a6b8c1f2d0b27dc5216d9da3a5f4cb7ba4942ddc
SHA256

58468ae270fc87b9fab0edb14c710700977a60bba65520508038097406ecf9e8
SHA512

10cfbc67cef70682acc7ba995f6775b53dc40018987233808e2e154669eb77fe21b688bcc3a4ecdf6dfed88461d2e193f66d10f124cdbc7ef8d0c2008199cd5b
SSDEEP

98304:m9VqoZp4a8NO8BlPs+VQL4XGEVHbou4S/OQt+/EseE/H2sfMROtbVl:SVqoZKa8NO+V44XGEV7B4S/Ft+/C5s/r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/85eb3f6ba52fe0fd232f8c3371d87f7d363f821953c344936ab87728ba6a627f.exe

Files

5bb3677a298d7977d73c2d47b805b9c3.bin
.zip

Password: infected
85eb3f6ba52fe0fd232f8c3371d87f7d363f821953c344936ab87728ba6a627f.exe
.exe windows:6 windows x86 arch:x86

Password: infected

1a02d69b15f5b6a928d42e49d3ab56e5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

ole32

CoCreateInstance

oleaut32

SysAllocString

user32

CloseClipboard

gdi32

BitBlt

Sections

.text
Size: - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp-~&
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vmp-~&
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp-~&
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ