4bfb69519bd38850244caf02284765cb[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4bfb69519bd38850244caf02284765cb.bin
Size

528KB
MD5

71d485154eef04919aa19880f033f5ee
SHA1

669c1f9b962cf3a0d4c2f9ac9e6db04c82ac88f7
SHA256

92eb7d33f0c26493b4c6e785b413837bf24612d25df9e284024080a0a0c5fba8
SHA512

6e202bba0749b3edbeb84c4696a82c71084fad930bc04c817b681aab5609da753c1faaaa70edef066b85e8097291fee7822f26f4e4931edbd47b2b49bd6593e5
SSDEEP

12288:Yz9rZF22jr08iwm2cu2jljDW/+O1BELDkzwuxoI7ng8SM:w9/2M0ThFDY1BkIwkr7BSM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0ed23a63c8183bc51ac08a01529473d9cc4fe7e35999ca93ed30af35fd7f7f4b.exe

Files

4bfb69519bd38850244caf02284765cb.bin
.zip

Password: infected
0ed23a63c8183bc51ac08a01529473d9cc4fe7e35999ca93ed30af35fd7f7f4b.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 925KB - Virtual size: 924KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ