416f5c0e0bcf2620c459693eca8026f0[.]bin | Triage

Sharing

General

Target

416f5c0e0bcf2620c459693eca8026f0.bin
Size

1.1MB
MD5

a983dbc575a827b028bfe24a00fc872d
SHA1

bfba1e66c381b4db538c53fd91793d361a956254
SHA256

d433644f02e2c3270208455f21f66c929e664a97a59742ac9f30a0dce1c1626d
SHA512

58294a506bdce6b606d2fc9abe40dff51c1631f6ebf7cc004a76b79cee4b5fde52641e3c59795782352973e8a760dce286e674157b01fa5cf72597eeba0dbe08
SSDEEP

24576:e1LBRKvwVuAQ2M/tdi2gjpsL7tuvLYGNjKmnJod5QQctjmLGd1:e1LTTVuv/3HsEQ6d5QL9H

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SHIPPING DOC.exe

Files

416f5c0e0bcf2620c459693eca8026f0.bin
.zip

Password: infected
SHIPPING DOC.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 738KB - Virtual size: 737KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
c10987bfd7474d0af328759d3e1917b54f3e0a831fdefb721421a49cc88ab8b4.zip
.zip