65e41ffda3e111325866dfc688c6618c_JC[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65e41ffda3e111325866dfc688c6618c_JC.bin
Size

291KB
MD5

03f98f8b776ed297bcf8ffbf8e05c769
SHA1

531fa3faca58f6e1b4c40fef2d3e14e2f2ee4e60
SHA256

afcc5d5777163b604ea633d530d9ebc00388a9c8f16c186997f57f11b1e2962f
SHA512

f8d554ec53128d61975d4b8b71fde43a342f527d8f8ebedf51c317f7c89928a922cf86dca533dd6c1349687ddad667579ea151c6ad4e0423c11c47621cb8ea7c
SSDEEP

6144:vbjgXRuUw2pkDoNVPQF6lIpDeuTZNoyRJ/w95YsgHuNbxx+4VDZRz0SF7:YXROnqXiKmZNoqJ/a5YsgHuN9x+ydZ/x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Purchase Order.exe

Files

65e41ffda3e111325866dfc688c6618c_JC.bin
.zip

Password: infected
66bbadc03f10f275970ea1e4f098ae7ed26c8094beba6bd95e6f71aeb0f42833.rar
.rar
Purchase Order.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 812KB - Virtual size: 812KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ