3b96a72fbad2289ab79106371b9c0716[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b96a72fbad2289ab79106371b9c0716.bin
Size

118KB
MD5

d5a21e676e68254243374934f850921b
SHA1

965ec4ec1056c5849a213f3b6ccfd6d807dd8414
SHA256

696964b9920826cf9890d3e20e8248f3e82097b59c4da9a599f2eee05bd8770e
SHA512

8baeed2c86862947555c809f26b2b74de032935f729d4bf490b9fdcfed88b4c7a459ecc57610d291110db2d4c33243f16f163565730cc94826d1ba68817cd8c9
SSDEEP

3072:J79wv3pFOx+/k1DbnQ7dqwWE1CW6wXlOz/XrCI/iJF1riyRBZV:Z9gy+KbnQ7K5W62lWXeI/itiyR7V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8d511d6fbbd0ffbd98b87e80effaee645a559defea31a2a97f6cd8113a5ab854.exe

Files

3b96a72fbad2289ab79106371b9c0716.bin
.zip

Password: infected
8d511d6fbbd0ffbd98b87e80effaee645a559defea31a2a97f6cd8113a5ab854.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ