0bb376187cf8242293fcb8578e369fb2[.]bin | Triage

Sharing

General

Target

0bb376187cf8242293fcb8578e369fb2.bin
Size

563KB
MD5

7143f6dd851bf5922858767f0f9c6405
SHA1

1379a24e8a3e91db1070929dfc210c5d4ab3758e
SHA256

e0053ffea3a64ce4b5173dd3f143c8b4bf9c84c1531a85bce2dfefecf3eb1fea
SHA512

d76c8942f798366f1590669d4c4ae456af184702b56f6576a77f010eb30eb835282481ddb4ae88a138df9670711a858a3643826ef43d9564278ceb8743a3ba36
SSDEEP

6144:9uL0l6sSjYvrsPz3g+ibBBEbJ6lnY8SMGW7kwM0GZv0s+z76aMKdIscIeOQ4BLZH:9uFY0gTOJ6lnY9mjevQiscIez4Bz5vr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/50b7c22b62b792c34ad69ec219ee468803d070257b57902a33248f953444caf7.exe

Files

0bb376187cf8242293fcb8578e369fb2.bin
.zip

Password: infected
50b7c22b62b792c34ad69ec219ee468803d070257b57902a33248f953444caf7.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 573KB - Virtual size: 573KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ