f4a3d9404ad522ec1b9bd8feb8dca3b5[.]bin | Triage

Sharing

General

Target

f4a3d9404ad522ec1b9bd8feb8dca3b5.bin
Size

459KB
MD5

24f5be8735121e539e777b0e7fc5fe61
SHA1

3158fa8e66b160a92d4e1014d285b72f48a97f7a
SHA256

d69de6f4205696769caffe6bc3b75fd2da005041dcd88c110da9937a159233b6
SHA512

d842ab02af7e65c0d42da45b9c8f361003bd6827c8b058c52fd0067267b6769cf2428df316948f322d6b5eaf5d6b9556ef7130edf6f020158ce79f09c971b973
SSDEEP

12288:QA11XdtaPye8DJnQDYsLC1cYHfwJhqjwSWabpN/NE:QadkyJDFQDYH+EwLkp5NE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/9d737c768d419aed55de299a114fb8b4928d263320caa4b35c08f4c0bb3fcb88.exe

Files

f4a3d9404ad522ec1b9bd8feb8dca3b5.bin
.zip

Password: infected
9d737c768d419aed55de299a114fb8b4928d263320caa4b35c08f4c0bb3fcb88.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ