1350d609ee9ecf827251991d49641d42[.]bin

General

Target

1350d609ee9ecf827251991d49641d42.bin
Size

651KB
MD5

a7bca5088c48203094a81e275c6b8d8b
SHA1

b79432adabe1a73fe547b5acbc112f761096589c
SHA256

4b4ca403b242b1a8d7aae9a7a1b3ed0c549b9af16a2ab66948f4b6d3758a08d1
SHA512

960aed9059a64769f98c5d2da0d7f2f885c3c2ad3ddbfee07217c79023ba83edf9af5dc9cf1c2e2b80b33e1b440316de6d9513c7e686595acc2a965f07990fa9
SSDEEP

12288:PbUyJ2M1gAZ+KBjtVnwEFiv8D7Q9etLDoklSdO431K/GbyYyw3FcR71GKNuSGeot:gycAg3QPn4kI9WLc24UGb0w32R7pNuSk

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/e-dekont_html.exe

1350d609ee9ecf827251991d49641d42.bin
.zip

Password: infected
7855024845204a63fe220da3cbb17b5b62e7d8c158f50876c16565a184ec316d.z
.rar

Password: infected
e-dekont_html.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 757KB - Virtual size: 756KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ