29971b59f02d473149cf7bdef71e837a[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

29971b59f02d473149cf7bdef71e837a.bin
Size

69KB
MD5

828e5e8e3d83823b18528f0f04ca21fa
SHA1

9dc8cec5519686cfe191ca743f2318d675eaa85c
SHA256

8a8660046ce7e9ce9de19dd0d5ea8987939af6266b3f4bd6e1186ccf05d8c2c6
SHA512

917b056ce8564f622f442022907ea4ab9e13d619b5e9cc69d1e9e0bb7cf539decc5a367ee0da40a278437ec2ed698ddb54f82fca204db4bbde00cba42c541752
SSDEEP

1536:fVFWCwYXedXzFOPVEpPhRluPdSXo50Z+4Uj+CA0Tpe+IG7:f/MXpOPip/luIXm0oaT0ko7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f914474e6b67675154294af3856b61d22b8017ba97b055727470caa54c262a96.exe

Files

29971b59f02d473149cf7bdef71e837a.bin
.zip

Password: infected
f914474e6b67675154294af3856b61d22b8017ba97b055727470caa54c262a96.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ