e31b955623e2c260d64ecd239fc3198e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e31b955623e2c260d64ecd239fc3198e.bin
Size

727KB
MD5

5416999c775eeff4e753483f5b4c74aa
SHA1

8f3fd88e42f113393bd45a3bc9c9be856fddbafc
SHA256

f0a86937fd4c67392c3131780198479ecc159ecd8ff672bd20a298886fede7aa
SHA512

a9d171ce0d93aae4e702ed5ff48536c9b80ee5c950be8e350daa3aee545c5758df0f3e2ddb5a6482fdf5d1e65beaab4f3978d36817d22440d49e6337c34fea3c
SSDEEP

12288:Zu50VF0WV5BiIEpywFu1B6uGXnLHlvNnwCqMQdO8FH3Y5Hm/s:A0VCWVjiIEhFm6BXnLFiCqMd8XYZmk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3e4c08f6c576544f406c83ea2361fadddc27361044b615e391fff3d9bf4e4ca2.exe

Files

e31b955623e2c260d64ecd239fc3198e.bin
.zip

Password: infected
3e4c08f6c576544f406c83ea2361fadddc27361044b615e391fff3d9bf4e4ca2.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 752KB - Virtual size: 751KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ