f47fa5c92ede1f3886d0df5f48c0f16a[.]bin

General

Target

f47fa5c92ede1f3886d0df5f48c0f16a.bin
Size

303KB
MD5

3507f363c80e899969fc29c73bf07703
SHA1

d4b3bcc20820b7a33d212124982c0e17231533a0
SHA256

d524d8e2dccd0df42f8faba95a68e7b368454aac0708772dee9cdc3eff1b9a70
SHA512

e572dc8dfbc38be3b60822b1f183eecc3f5097ae0e7be7db7bbd5efd4238041537b140aeb79dea9a7c44fb0574e854d155eacc4d69ac507df0a98141ea2149e8
SSDEEP

6144:jJwTGrvTsNyzmX77XH3PxmhNcxrVMXRyEIZK54ihVoItKHn08ayhzXtYLSBgk:WyvTsNemXXH3PxmhufQf8KeS8Hvh7tYo

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/FPI.exe

f47fa5c92ede1f3886d0df5f48c0f16a.bin
.zip

Password: infected
3006e27f7f933e776a5de396edeb8c8c46d410641fe49c1c5c798a76944eea26.rar
.rar

Password: infected
FPI.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 850KB - Virtual size: 849KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ