e1f060e395b7a1b90f41e58cf1bbcf3e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e1f060e395b7a1b90f41e58cf1bbcf3e.bin
Size

150KB
MD5

9aed7d5d3eeaa932b65b311ac8a86c09
SHA1

c8d63fb15c9ebdaeadfea8fefe51b5dd9f069924
SHA256

e9fc6bc77bb6fac9c5168a82066ce148285b462bce6827a41eb17207f39fe369
SHA512

ad2a595469994746ad0a9ab7055f35e8ba9ca3794b26708899fececc35a7e5081022fae9ed36e2d7ff5848cc3a4c76c3de36eaed517ead66c04b71411cf83ad6
SSDEEP

3072:ZorcsUqils2pKEkaMs6BYoWxu9C7TlR1+MMdslZaNlcrQreDRh8ZZNzsx:ZorBUq/2PkCmYhxEC7f1NRclLraRmnNk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6be5cddf29b81421edf93e6011b33bf25906c92ed1eecfc62a389fb57f8cafd1.exe

Files

e1f060e395b7a1b90f41e58cf1bbcf3e.bin
.zip

Password: infected
6be5cddf29b81421edf93e6011b33bf25906c92ed1eecfc62a389fb57f8cafd1.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ