b6a79214394a0cbdca1a79bb7f3fbfda[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6a79214394a0cbdca1a79bb7f3fbfda.bin
Size

2.3MB
MD5

4917e9ea31695b255b9b6b4456dd39f8
SHA1

29f1034e1879162f2b11b9a94b3b77314ab63604
SHA256

d8e2f703c0385aa06ab344e404339f156efc4b82b7857cf092d6ff9d0b1aac85
SHA512

2a6820a6ebb45cde5a5f478770e8a0e5e45d9ce8b240c5483fa3243d0732fe19a54ac6ec0d18115b74fd8a203dca1441d19ba6dc39a85694b58cef256f0b1b49
SSDEEP

49152:ZbX9L/5m3z6Y6wkHKyk8bflR3heTDma4MFxOqYWhy:ZBLRIzF6wkHRZ5hUDmalFBYYy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/958722fd42177a0b4655b7a8d6e1b7fd205e5ebfc22255fc0f2558eda1ece0a9.exe

Files

b6a79214394a0cbdca1a79bb7f3fbfda.bin
.zip

Password: infected
958722fd42177a0b4655b7a8d6e1b7fd205e5ebfc22255fc0f2558eda1ece0a9.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ