815c9834f55611ada00943d49[.]bin | Triage

Sharing

General

Target

815c9834f55611ada00943d49.bin
Size

417KB
MD5

e7d85c72e2e7a6f0e52aef6e35f82168
SHA1

48a92fdc5827acc4cb9922b15b4bcf5b61a1ea95
SHA256

0f5693e42172a6c2889e6498cb2b10cd8c12b4b5e7188ef683109c57763d30f7
SHA512

fc080a7e054107bd05aae640ee86db022969dea527053e9446688cb195a641fec54f6eed88e89c8dc50ed2a3614b324915034d34decffefeb6e8f31120a82757
SSDEEP

12288:M23LOQcX90xTgyRZT6mIncz0xm9XGfVBG:M4Lnge2Lncz0xmMG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PROFORMA INVOICE_206805.exe

Files

815c9834f55611ada00943d49.bin
.zip

Password: infected
c5bfac15583677e2e6e9c2b27bc0826a672ba0d99e9588331f3be8f69a8d9b07.img
.iso
PROFORMA INVOICE_206805.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ