8e0c45dde34b22df6e4055a31f06788d[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e0c45dde34b22df6e4055a31f06788d.bin
Size

3.0MB
MD5

736bf230e3c52b5ba73216c8cffec880
SHA1

a6c87a3b9507e69e861d6fb72de1b70cebe08877
SHA256

9f9db387e2288397d33c000500327dec4e7e88684ac0815fd9114e3f2b38905c
SHA512

1b79f6efaaf2c2c586f24bc9548985e0d1b959e3b1addc7eef866d4381c8eed3009f5499496ca7f8b5d48c7ef28122f3de514ac3a0acf2e4a64be40e7352c769
SSDEEP

98304:GfeFHBmdQ+KrJlZl2yhvweIEyFE8XdugYRhYz:Gm6d8r5jKeONZL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5e84524b05e2456c28a3530cb8e0d7f2b811a2d7074acbbac6950bfff97f8a13.exe

Files

8e0c45dde34b22df6e4055a31f06788d.bin
.zip

Password: infected
5e84524b05e2456c28a3530cb8e0d7f2b811a2d7074acbbac6950bfff97f8a13.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ