6a7816f163760feea67462c5399e0ed2[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a7816f163760feea67462c5399e0ed2.bin
Size

2.8MB
MD5

d46304b03d8209876beb2a3160af1c4f
SHA1

5bf82fa3ebdca51afc7037794368401e6977fcbd
SHA256

87780a9b5bc4cf6cbe45adcf75cfef59003a2abd1ed3fcc44c4f86fe00765c9a
SHA512

e0d4fe69418f24fd9174e8c286b683ceb0a1f2bfb7edf8d27d2fdc83e54b88184866fbc734f7e877ffb6590b2fd9a4d3829a4e9f590b1932ddebf179d612ac41
SSDEEP

49152:kONWwaBk3kaGIN8qw4YGOClz6a1fFRSgtmH4pV4r0G5Y0x9x2DowWj4:j4Bk3kaGUHfpNbzUHYV4S07U/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1f87cc53b65d230d000fb5332e3d13a01bae16ed20c81656f5dc30a440daaf84.exe

Files

6a7816f163760feea67462c5399e0ed2.bin
.zip

Password: infected
1f87cc53b65d230d000fb5332e3d13a01bae16ed20c81656f5dc30a440daaf84.exe
.exe windows:4 windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 821KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ