06305199[.]bin | Triage

Sharing

General

Target

06305199.bin
Size

601KB
MD5

56819bed1055ef96ed9f391c996d7580
SHA1

4af6c25f7c159b36e754104da3b48957a3b6dd66
SHA256

992a8e82bf8477b9e216d59b2c5ec81004b3950792e3f0bc44af8556d0f57872
SHA512

dd399f4284cc298dce5874865341f1380d1369a8e2417df197e6e46ec7fb713d5da2f90fa3ce2210198054519fdf12eb3fc6ab5507ca18fb1950a0af92286d40
SSDEEP

12288:y8fxnXRhKJw5N2ytuHE2T9JUg3z9Q3lkvqUDwMw1fke/PR20:PxXHKJwHfuHEevS30qn//Pc0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/invoice.exe

Files

06305199.bin
.zip

Password: infected
263612e07303edc09b44c6e4f3fa4ecdaf1ae8187a341283a7f9b373b77693b2.zip
.zip
invoice.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 749KB - Virtual size: 748KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ