b4f9cbca656fd34c4dbb1d706a7f1ad3[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4f9cbca656fd34c4dbb1d706a7f1ad3.bin
Size

2.3MB
MD5

8427f578ea01dcbf1c57ea4ce0fee23a
SHA1

7e4b46170749c94cec43120bfc58f2d4a7e2f7cf
SHA256

a4b9f890c46b1bef4484e5aec4d08143526d350ffd5c5e4c3360deef71b1ead8
SHA512

6d8f9f37d8cb50a545f90f7aec751cde945a881aacd62f88829a121ce764d177d6c25ebca60c609c68494d161fb7c5a18bf892f4a37db5256f88af02239445ad
SSDEEP

49152:xEW63akCx0Cu6UXz2NkHtyuNVcG8qCeqKl6aZdtZ/sEdtZw2e:FP0352Nkw638qRQmj/smtZJe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1e022d3886700317e5c41977de8fd595db5fbb3529164048ed09ee7efdb5711d.exe

Files

b4f9cbca656fd34c4dbb1d706a7f1ad3.bin
.zip

Password: infected
1e022d3886700317e5c41977de8fd595db5fbb3529164048ed09ee7efdb5711d.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ