d8942f4a942d49c61f90875bad2e3bd0[.]bin

General

Target

d8942f4a942d49c61f90875bad2e3bd0.bin
Size

1.3MB
MD5

dc08f04edd2352329e2e839d4a604b7a
SHA1

d288c6b6677e1e09837763584b0123d34f773a07
SHA256

6ed05fcafb3398041dcd6186c089b3ebf150f125c7bfa02ac94596b10faac10b
SHA512

a8d672df4cc9e2c51d9df62d199a277632c207fa37c6994b48bde821591a6d404771f36208b32fa7d8e949b016af930d16a3f59991eafee6f0740edb29b6dba7
SSDEEP

24576:WbBN5+gvmSsK7phryijpHjk1mx5f5AC4yQzwBUJknq8e4Zn9Pg:iBqcsUphryCHYc2C4yCJo/nm

Score

3^/10

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/New Order PO 208472747_IT.exe
unpack001/New Order PO 208472747_IT.exe

d8942f4a942d49c61f90875bad2e3bd0.bin
.zip

Password: infected
720b4ea73cbbf0d6cda0398747438500d108af0916e211065756337e13d45196.zip
.zip

Password: infected
New Order PO 208472747_IT.exe
.exe windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
New Order PO 208472747_IT.exe
.exe windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ