d1ecfb3fe25bd624e78f8fca6fa33b8c[.]bin

General

Target

d1ecfb3fe25bd624e78f8fca6fa33b8c.bin
Size

637KB
MD5

4620e4f0573497bb9ae9e31da5a23116
SHA1

2edde1a79efbbfbb4e07d465a408ed3ff7bc33e8
SHA256

bfd6f2b217e2adb0541f6499df9579ead1949d92b90a252f302b1d5f62907672
SHA512

4a1dd3bea46a6e45de2c999ebd77bfa98afceca77dcff5537f2533ebe7e111efd2249d0e4cfdc2d5dfa07f8da32fc674c384099a6d539d3d632050f13240d200
SSDEEP

12288:GX/zn83MRd69XcMXhg37NyQvreoV6s5sBTmjt:+/6xbhCpbNV/r

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Payment receipt MT103_tt 9630 copy.exe

d1ecfb3fe25bd624e78f8fca6fa33b8c.bin
.zip

Password: infected
6e1ba899538ce5673e53f85507696dd08b2ce7f6977930003629b3fee05ba970.rar
.rar

Password: infected
Payment receipt MT103_tt 9630 copy.exe
.exe windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 813KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ