5b4a881c85e6504cdb22c83a43ddd235[.]bin

General

Target

5b4a881c85e6504cdb22c83a43ddd235.bin
Size

624KB
MD5

0e7fd27cdc86ca77585e30d651fb9aa3
SHA1

498337f6cc4a21b9a2c18d181bade4970f608239
SHA256

1dc11c418fc347c4b365582b49e7c2fbaef14b0c7b696755012e2560a02ff85b
SHA512

d6784a91fc17b5472d4e401d799c90bea756acbb131f39ce7148dcc362553611a6425763894c9655f43382c96b6606620c5b3ba42682c2fd54dfd76712ef46f8
SSDEEP

12288:CHxQLBFKDg3OXgnVzMBQR/z0jU8PI3JKlgFw7wpaEwlcfyqQzGiy:COVCg3qgMQR/IjU13Ih7wpZqqhn

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Confirm Bookings.exe

5b4a881c85e6504cdb22c83a43ddd235.bin
.zip

Password: infected
f31b2ce67f630eee150009047da660d3c3ba799c26f06a170fce255c5cf22e39.rar
.rar

Password: infected
Confirm Bookings.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 669KB - Virtual size: 668KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ