642e026b63c293599ac50d11fddf9c75[.]bin | Triage

Sharing

General

Target

642e026b63c293599ac50d11fddf9c75.bin
Size

596KB
MD5

5df9cb0e3f5a4302d41fb81e0f076836
SHA1

9e4a74418e89239087e235144a03ad465cbd7f0a
SHA256

de61d719b3b98fc6ec86e70baaa7cbb53a57aa1f7b4cc30783762f33dd589835
SHA512

fa888fac1282e79339804978227ed3b42a5d08c9dffcb0c98ae6ac8a496fc048993b74fd13a3c8261f2c9a69a97737536d25c232e65f884c6e9c48aba133f94a
SSDEEP

12288:P0Wc3vIKvLTPS432S251C4GMssxKu748o5INQd2vMWbjoFD/Lv4FnsibeVFI++19:Nc/BnPS43wTTxKu748dG2vDYNv4FsM02

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7865bd1702a8060b9f1c48a325560d2b8f947604e000022eb34637348e063ac6.exe

Files

642e026b63c293599ac50d11fddf9c75.bin
.zip

Password: infected
7865bd1702a8060b9f1c48a325560d2b8f947604e000022eb34637348e063ac6.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ