b960acc20a54c56febd039de854caf9c[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b960acc20a54c56febd039de854caf9c.bin
Size

353KB
MD5

87d663916261bbd994cb37d7c6e7f02d
SHA1

6b32b9869d59cbc06d7bb4ca7fbd37c405e92a99
SHA256

b3e8a996e3ba2122bfea379d56e8a7d8b71d711af2831e2f7ba1b36c7862b834
SHA512

9b426e0f864c440970d170d95d95107b9360b5403c61b3b1d1da79433dc6c1751424473e2050645fff9e7b4ada8ed29f19b3bb9b4aefa504b736db5c310fe0dc
SSDEEP

6144:Z5C9CGsnGoFRC9n0OADyeqFgV+wG59UXpKpHyrKxNugm:Z5C9CGsnGoFR/DBLXkpHB+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d66ab6a7ca2fe30507143fd1fdc7da9d6bb0866890a1f38e900f5acbbcd3aa17.exe

Files

b960acc20a54c56febd039de854caf9c.bin
.zip

Password: infected
d66ab6a7ca2fe30507143fd1fdc7da9d6bb0866890a1f38e900f5acbbcd3aa17.exe
.exe windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 600KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ