3a6d1f39ce919d000786bc0f22ab54ee[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a6d1f39ce919d000786bc0f22ab54ee.bin
Size

535KB
MD5

b5ae11f98bdebbe11bee04ba64fc615b
SHA1

b77ff012da06f588e86204fc0864b580801ab4ff
SHA256

08df395b11a2141324893c8797603293fd423d426dd0b6e7d0126c619c6fac9a
SHA512

abd6e553d79d3d197ea77913625928a81f864267dc8d17dd149209e2b603e38fbf4db3c26b66d6ce0d1ac366836dd57af783a045aa42c84f66acedb79d86d351
SSDEEP

12288:4SEdj5upV/z9EBUcAY0/cauMBVwaM2jHIsyGjX:4Syj5upZzJNY0kauMBVwaV9yq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4556dc1844933bbebcdc2b4753ec1596d637082b7016a0362657e3f1ce95038d.exe

Files

3a6d1f39ce919d000786bc0f22ab54ee.bin
.zip

Password: infected
4556dc1844933bbebcdc2b4753ec1596d637082b7016a0362657e3f1ce95038d.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 629KB - Virtual size: 629KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ