e4a193e229807fc9e9e28d928f1a63c9[.]bin

General

Target

e4a193e229807fc9e9e28d928f1a63c9.bin
Size

1.1MB
MD5

97d2070f5f3e5a5a2b5dc4ae92cbbc5b
SHA1

e0c1d2e5707e0d3e0cda549468e3b8216c45f8a4
SHA256

7566ec513c668e7da827367219ae1272f3313ff4a83e1cf254f16a4b81cdd515
SHA512

3030c733ef38bfe23ebcdf54d0240e05b2a063399a819b747ed830fa6bdc8fa71a323d6919874e53dfa0356df52eac60facc7e549401fb24b0df8cdec828a37a
SSDEEP

24576:mWLDlDwu1mattFbYK9qkhqSgyK7jkL5SFT3Osf2jDfgRn1+a4:PLDBsE1YNkhFlyktSFnSDf6Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack002/ezLGJLXuftPIrq7.exe
unpack001/ezLGJLXuftPIrq7.exe

Files

e4a193e229807fc9e9e28d928f1a63c9.bin
.zip

Password: infected
a486562b0d8c6aa23eb81a203a435824e9eb7ca33a5adf18d521f87504dd39d8.zip
.zip

Password: infected
ezLGJLXuftPIrq7.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 689KB - Virtual size: 689KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ezLGJLXuftPIrq7.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 689KB - Virtual size: 689KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 689KB - Virtual size: 689KB

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 512B - Virtual size: 12B

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 689KB - Virtual size: 689KB

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 689KB - Virtual size: 689KB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 689KB - Virtual size: 689KB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 512B - Virtual size: 12B