a4d2d2877f9bde0b27f163b6f9713c5d_JC[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4d2d2877f9bde0b27f163b6f9713c5d_JC.bin
Size

340KB
MD5

47e51f17d02c379a5e26014e77d3c23f
SHA1

e7cfced8d46388f9af500c6baa199ff9cd1e76f7
SHA256

5a960a84e4a2fff649978aff8878c3a10b9f9372ad50654a7233f5ffe9acc082
SHA512

31217845f9ecbb0ff034c0a610729fe58a8da44b7ac0b369cb6b9a1ef65661cce1e06983577f1fc350a4f596750efaae1ebc3509ee676062295dd2e25037a9df
SSDEEP

6144:MPg+jsQuH9A7pvCMcjR7tXJ5PpagjZXfY1RF24pW1QpYBWkhVU0FTATradlc:gRE+gMct7JJtlPqgR0YAsVU6ATraLc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/invoice 2995003615.exe

Files

a4d2d2877f9bde0b27f163b6f9713c5d_JC.bin
.zip

Password: infected
69ae6b8dfd2f8d971bb28ba65de6901a3bd0a0a9aa9f98d54aea10c096f61d6b.zip
.zip
invoice 2995003615.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 854KB - Virtual size: 853KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ