b4a9a8b8b3ca917999ae31767f507198[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4a9a8b8b3ca917999ae31767f507198.bin
Size

540KB
MD5

e905a0ca1ea417ca88d1514ca8cfff34
SHA1

ca9036536e39b4ff157949f057b9539dc0df6503
SHA256

26ceec53f4c90182ab1ca90771d29c275b570c49b6c60cdf9322c881d8bcbff1
SHA512

5f0d68fcbfa7eac5999b80540b0ac37552d733fab38f67792f64e9f1ea3add97df13920285ee57cde6e56e634debb4c2c1a0d11edf30014c004d940ab4333ef4
SSDEEP

12288:JiVQpVl6iR8XYvqyshCFTLAAYw7DgLWAo81wPTW:JeQYi3yy5TLOgdM1wPC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f1c78b2121d019681e884190c1968c1fbdd4d38d42933c2e6c0aefd4daa3f6a7.exe

Files

b4a9a8b8b3ca917999ae31767f507198.bin
.zip

Password: infected
f1c78b2121d019681e884190c1968c1fbdd4d38d42933c2e6c0aefd4daa3f6a7.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 639KB - Virtual size: 639KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ