4d2ca738a128120fdadacf97ac705c85[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d2ca738a128120fdadacf97ac705c85.bin
Size

2.4MB
MD5

ae45e5afd566186fa2a489b4d1df4173
SHA1

c68dc1393b6439e3f31f1312caaec3a619287ddf
SHA256

618a20fe1ea4f2658b25bc7c3cefff9db136a43d607006828ea8d40f33985b20
SHA512

7d02a1cd3eb95bacd4d3e593b85b4c7968a4bad47a48c4e344f4b32f79cd580e37780e3a3765e91cca36f066f501c03d4c708c417f6dcb3102969ae1521ea1d6
SSDEEP

49152:zbYTa1psR8tAYuJZUXXAHUCM8RU8sLE5pM5SfIT0wZ1PH5OAmVtwVqBJRWNoc:z2eAYBH668i8KE5lIIS1PZGoVsqNT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1f1b940f06d3fd1e8659cb3f56c980f100e7958639553917eb08db940825799e.exe

Files

4d2ca738a128120fdadacf97ac705c85.bin
.zip

Password: infected
1f1b940f06d3fd1e8659cb3f56c980f100e7958639553917eb08db940825799e.exe
.exe windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ