cec987bff90b00ce724f9c8ba67a66c1[.]bin

General

Target

cec987bff90b00ce724f9c8ba67a66c1.bin
Size

646KB
MD5

5e8cf3225348bf6ada7b52387a7ece51
SHA1

e0ff28cc70381463b71922f84e09f128719ea292
SHA256

a168419d23971aa18f193230e08bfd74a1687e490eeeebae5fabd4a6dcdf0793
SHA512

1653ecf38f5f4b0692ad61dfcd3e69d57f7504871767fd5d752ae83940d676a40c78b0767989391f828cdbce8f69155461e7da6fded1b1f75a501ad6a3bdeb09
SSDEEP

12288:OJ2W2SCgofQuxU0nmnnin13StIjq34Lv6RTis26V2ZaGZr3n3TdUOGaEkciHJN:OcW2Mo4uxUWJn1UClM2s200ZNpN

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/purchase order.exe

cec987bff90b00ce724f9c8ba67a66c1.bin
.zip

Password: infected
f95f038c9789ec0708240e9cd95e496a1c78d1d59e8361a6e4727f6a884f06f0.zip
.zip

Password: infected
purchase order.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 679KB - Virtual size: 678KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ