f06bca620531a45c078a86d723150e2b[.]bin

General

Target

f06bca620531a45c078a86d723150e2b.bin
Size

443KB
MD5

28ec0f0395f589c54abcc046636509be
SHA1

229c261f0736d52cd0f1bcb7a6cc5f35a3578b64
SHA256

75d8a9c170e3d410a1580ed67c63cccacc7e6795c57d738228ac9b15eb5cbdea
SHA512

30b505ec4ef6db2686db8b01dfb52f7f955528b8926ce2c02dc11e7ea573057bd4fe1d53a7896a00641187e8b126209041a27b7cfd51db2299304febc4cbe09a
SSDEEP

12288:f5aG3SWB6MNnEvpWJ1ZiDMpbtE9CWB7/tut07F:sMD3ae69CWTut2F

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/NewPurchaseOrderPO838735354643332735536345544.exe

f06bca620531a45c078a86d723150e2b.bin
.zip

Password: infected
68e8c931e395e7b24d39a27e259e6dba1b4f49205bb8d163b1dd3a44109dce1a.7z
.7z

Password: infected
NewPurchaseOrderPO838735354643332735536345544.exe
.exe windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 466KB - Virtual size: 465KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 382KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ