01973f09014fee62754ea67861264da5[.]bin | Triage

Sharing

General

Target

01973f09014fee62754ea67861264da5.bin
Size

638KB
MD5

b218c54136ad02c9fe719d67fb97a26b
SHA1

e6d4ee03faf4707526158273e8ec5779fabf27f2
SHA256

3f4787a9691512f34f66042da6e34f2967dc368f3d17b95a202c397218ed1063
SHA512

ea0acbc5eac9588e391f9b56cb7c9e5dc211b93b64b4391199ce03d68586ea4ac269119ad46bf9bcf5c4866906ec46c1423f4f73667cf3ef9ff5dc9fdb30ab05
SSDEEP

12288:TZG/2ScqUuIhnyESuxJs4Qw4assqSJHuzUXnz/TpLY9MOqnY85oZX+F:TZG/2LdryESeKPwCsqMHX3z/tLDOqnYO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/4110933fe032350468c29329959cb10fc54704a2ec7af1e71155202a337aee6d.exe

Files

01973f09014fee62754ea67861264da5.bin
.zip

Password: infected
4110933fe032350468c29329959cb10fc54704a2ec7af1e71155202a337aee6d.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 646KB - Virtual size: 645KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 160KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ