c1621e680afb56a9eda2d1cb3f89fa3a[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1621e680afb56a9eda2d1cb3f89fa3a.bin
Size

3KB
MD5

9b1c6d874c27e4c736d9be96e2ab796d
SHA1

743c3a86256683fdabf4fb0ed5ffaf1e92041d21
SHA256

6a01f7bc610ed0c29c5e81bfcd0bb831b537fd648c0d8ec45d20fb274bf89deb
SHA512

54b1cc072329bba3ccdefb7c22f47fcabf740f1799a5549700129cf8e868b2d0936b5db2b5a6f7aaf77c1e8d8c107af74d3f74fd828c180767b44022bfc63680

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/458267c0897b49700c36e5331db5aaa7806a08c3ddde9a46d2acb8f685a961b7.exe

Files

c1621e680afb56a9eda2d1cb3f89fa3a.bin
.zip

Password: infected
458267c0897b49700c36e5331db5aaa7806a08c3ddde9a46d2acb8f685a961b7.exe
.exe windows x86

Password: infected

68c043e423f21a56128e9ab557cac25d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

MethCallEngine
ord594
ord595
ord598
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine
ord100

Sections

.text
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ