ef4ea7d1570a2ae8f93d50d25a7a731d[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef4ea7d1570a2ae8f93d50d25a7a731d.bin
Size

466KB
MD5

3617394041248d7b61b9ad289a279a1b
SHA1

9cf31a84ccafb9b0379d24ace3618e3e6a6d2ea9
SHA256

dda931ec1c81014d91b7a73417b3ae20567aeea73495913ef34c4b2d326a105f
SHA512

4008e868a1aae97ac0d4b49f3055788fea497801327699b785579829dfa3dd9f9fc27fc4aef0f1ebe89e79ab64cce19018876cb1b44933116bc8120f925452b3
SSDEEP

12288:xckoQEg33+tysV5/XHq/5yLVtPKNR3HyZFH7eROqJfe7N:xpnoJXHq/Ef5FC7ON

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7e8b72a7c61a9208a481548a491eb45817c603046992114016383d82adde5fe3.exe

Files

ef4ea7d1570a2ae8f93d50d25a7a731d.bin
.zip

Password: infected
7e8b72a7c61a9208a481548a491eb45817c603046992114016383d82adde5fe3.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 580KB - Virtual size: 579KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ