798f2512990dde2ac89b0054d5861dc4[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

798f2512990dde2ac89b0054d5861dc4.bin
Size

408KB
MD5

b6b3d4a7023878b0c2178f9c112783fa
SHA1

e5891bd12ddec91f7add6033e00c083baeceb07d
SHA256

1b1c86a939890d82f2f87909643f1089051d5c338fc19aa108994dc7e4074a4d
SHA512

824af06f95b80ebbd55ea43405cb7c9bfc7f955db8a7cbb663c456133d02ebd06111582a95d8bf7ed5b0c7e631aa735049ba2f20c269af2b4f2506878658e337
SSDEEP

12288:UknqJ5752tDWICnBLahLql/aj6MTGB75v3zFo4:UknA5XIOBGFqR/Mq5/i4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e600c0403e5f3c3416684354c5c3a9a44c2b6942439377f9fbc81980a44d2615.exe

Files

798f2512990dde2ac89b0054d5861dc4.bin
.zip

Password: infected
e600c0403e5f3c3416684354c5c3a9a44c2b6942439377f9fbc81980a44d2615.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 439KB - Virtual size: 438KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ