3b754cb58af437695a070977e74a3271[.]bin

General

Target

3b754cb58af437695a070977e74a3271.bin
Size

765KB
MD5

5d5a002e2118e54d2cec32f6f3b5d378
SHA1

7b0f722cc4949eae5c47f7b24bccc46284bd8e0a
SHA256

589184812c4d475fc95d149b4622ff985ad4a4fa1c8792078e9776f10fe9be15
SHA512

e732a7b6f075ac199b7e096171ac0defa5dee6fb30b1b7e808db5f57bf9d0e77e134d57bd86c451d22ddcce846e3cd1dd0ec7b811a5a928e5f6c932bc2b09161
SSDEEP

12288:f470pTttJsd85kEg1xy89PoOd1tB2SEz3iah4sbxDAPPSDDeUKQ4xwG/Q0QWwquF:QgpTtHsdXTxy8Vb2SEzyahFxDAy3NKbk

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Siparişi (P.O_5220288)_GEMA ELEKTRO.exe

3b754cb58af437695a070977e74a3271.bin
.zip

Password: infected
92c30369096db1bc8673c979798faffeba3903d2e6e43ad1a2686c033067532e.iso
.iso

Password: infected
Siparişi (P.O_5220288)_GEMA ELEKTRO.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ