6b9efca6cd907bca7c809aac251c013d[.]bin | Triage

Sharing

General

Target

6b9efca6cd907bca7c809aac251c013d.bin
Size

36KB
MD5

3c01ea1e6084dbe8b15d1b40e22cf1be
SHA1

03b54270d53f6c2971c2e729848283c25ae1c5ba
SHA256

928088006a09b42859ca2da8ed2f334307cf6c7b04f8f42e63f102473c1ea37c
SHA512

4273a2ac3f242dbf79964658a041385ca70e03395c62a969035733fe4f230b88653ebb4dab5d3bf86abc5abfaaba532e7b393e9e297ad855e7866ac1dd89d532
SSDEEP

768:4Kg5uy64tHRCMF/6jSwUJBpbjkv1ImcJsU3/6oDC8veXyyb1alrOHnFM:4Z5uyjH/6wBRmcD6oZ2r15HFM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1507fb34228cf28d8be2bea91d82d57f03bffea29ab0591eab0d6a8e3161e491.exe

Files

6b9efca6cd907bca7c809aac251c013d.bin
.zip

Password: infected
1507fb34228cf28d8be2bea91d82d57f03bffea29ab0591eab0d6a8e3161e491.exe
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 30.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.toze
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ