bd622e6b642759f3982e54d62300208d[.]bin

General

Target

bd622e6b642759f3982e54d62300208d.bin
Size

511KB
MD5

4aee91192d6804d66d2a3ab7f7d96710
SHA1

ccf2e7f8a08d78a0e5623f7ab1e5296eb0c50705
SHA256

87e694652688a67a3e62f846c0e4b266aa3bc57146d7b04a0b563eac70d02ac9
SHA512

c794565a2732f05fe29f8247405e0cb6683115e362cce7bd4673236e7e53b3883a8b13a21872ec5a28bce6941425662757fc01455a163412282edc9663ba96b3
SSDEEP

12288:AVbDUuxkM3K4SJ71WdlRv2dt5v6HCaAxdnHkOXY6XvA14ue2:ACuxF3Fo1yRv2L5vA+YRpe2

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/quotation.exe

bd622e6b642759f3982e54d62300208d.bin
.zip

Password: infected
ebf3def8c7c8d94b086410ce16287e3a5a8380c67f56361bb1d45f3b0b2ae668.zip
.zip

Password: infected
quotation.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 640KB - Virtual size: 640KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ