af245c8f5302901a6e873b880184fd14[.]bin

General

Target

af245c8f5302901a6e873b880184fd14.bin
Size

710KB
MD5

aed26fdbe860f5b8c06164c656435382
SHA1

435b5a414d60fb2442696d0cf56531a622966644
SHA256

c94f7be936c30ac830483a8a129cce57e06c467aa07fd1ab1d618c3d5b8bb552
SHA512

4295e7be89e8c2b289275c7f0dda690f34b9228c482a44551c0a1f9bc58f64e927b0b7f47c63e8cfa125fb6054986fd3ec0ff8fd77b391a2db9f06740ab9111e
SSDEEP

12288:ekIRL0lzrGg54w1WSzSNJIFO5QYF6sRfCiro1YRijan+ZlPXkpOC+0Enw0mxy0sU:edRL05xpkSs0+xfpro2Rimn+nX+OCCw3

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/Purchase Order items_pdf.scr

af245c8f5302901a6e873b880184fd14.bin
.zip

Password: infected
55cc366d2b0519daa338373098af30bb2a52ba289212e0334eeaca8d709f0c25.lzh
.lzh

Password: infected
Purchase Order items_pdf.scr
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

edAk.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 765KB - Virtual size: 765KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ