f2e8c09276c3eb00c0b9bf31d7ac7e16[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2e8c09276c3eb00c0b9bf31d7ac7e16.bin
Size

1.2MB
MD5

d8ba88813542a25bd120cea9c6b8c9c5
SHA1

8452a88d8b134651d2de64dc0b1210a751b442d6
SHA256

ad9306c9f7f8c7abfcc1dfc02c7996c8358e7703d98837868ac59e1e0019d0bc
SHA512

66416fd7c56e2178edaf8e85fa66d93d6333a6e375ad34009d1207326a217dc35c4bf8286195c7bec5cccf53b05eefab6b65939d0c35a5e328f4147fb1cf70be
SSDEEP

24576:WyXI8bwBv2BKCwj5uc8xfW4SQI+kCtVjlRgq5zwr5c2B2G38mbBAt3x4hM5JMbz:W4tFc8xNIKgq5z8cQzbeWM7MX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bdad8d84805cb5eb3dab2fea02cc74d4bdf8748e43331f80f23a7ce38b49df60.exe

Files

f2e8c09276c3eb00c0b9bf31d7ac7e16.bin
.zip

Password: infected
bdad8d84805cb5eb3dab2fea02cc74d4bdf8748e43331f80f23a7ce38b49df60.exe
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ