a34306375ccfabab8f506d4dc5dea1a2[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a34306375ccfabab8f506d4dc5dea1a2.bin
Size

236KB
MD5

200d00880983840d1b2fc6cef90a3af1
SHA1

ac379882c2d6364227376361530c8af34c59e58e
SHA256

248a1660389125d4410fb854820adc99d552ce7e0c901312e5f00fb70a939250
SHA512

03d90d8c2183eceb66f572044e42d974681a370f429a35a3b6f5bade9d9c4365a9cd3efd54cbc2555356a86c1b73df5b081e6a69690b3dd22aa35f79a7fcb63c
SSDEEP

6144:rsFZmVyxm+qt0sQLseF/B0p2KrDN5rl1nNDhMF2KrzgSRV:rsFZSKm+DsteF/BRU3hDaF7rL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5498127f11928bb91062949e7f2d2a140164036490563db5fcfb85c29e4d3e1f.exe

Files

a34306375ccfabab8f506d4dc5dea1a2.bin
.zip

Password: infected
5498127f11928bb91062949e7f2d2a140164036490563db5fcfb85c29e4d3e1f.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 495KB - Virtual size: 494KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ