3121ecc67e64fdf65b2b3c9f5966ed11[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3121ecc67e64fdf65b2b3c9f5966ed11.bin
Size

119KB
MD5

821bc3a30652b009c526a53d9e60f2e5
SHA1

f9573a99b20b13d4691cf59b80649ede18583de8
SHA256

bb359ec489846c05c4cdef8d0848b337bf2b2c9f59a48f47ffafde195d7b7b79
SHA512

b6df3fa096cb20a7f0648c8ca3e0a96f591bb51b51fdb0de8f45b41475507b8892628ce91974344c21c488642842bb039a160985a016699adde813b825b05f39
SSDEEP

3072:nR7fB0JDJBDRrPpTdd8hPL6jvNkE27p2Ki+K6cejnrHL6bFjYdsgnCr:nFB0J9BrTdd8hDkNkE212Ki+1cPBjTw2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bc7536cb39c4dc0ef7522b46efbc97b87edd958248267932c46cdda2d571a72b.exe

Files

3121ecc67e64fdf65b2b3c9f5966ed11.bin
.zip

Password: infected
bc7536cb39c4dc0ef7522b46efbc97b87edd958248267932c46cdda2d571a72b.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 304KB - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ