6d14d6c44e9b8ded1bb6ac2c057ba046[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6d14d6c44e9b8ded1bb6ac2c057ba046.bin
Size

410KB
MD5

4ba6461ad7411c6401b820635de576ed
SHA1

ed61c0f6640aea827fac27303038f416684557e6
SHA256

495d04fb334b8e02d614c8d37d059bc2ec980bf67139337324f6d844418df81d
SHA512

1d2cf1d1118032dd282a9e14f10c296e65f66cefe5a6d9393a1c8f06e4cbc96b0a73fc0e35ef5690aba0732ba58266454dc387b8ef6e87411871fe3443ba3c08
SSDEEP

12288:KUu6JYWWEP2XOhD8lBsdB6BrPpJE4EDKEi9IW:KyJY2PyGIlMABDTE4EM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f7c1bded8b82126980b2149af9960a2c4986188be76d74e2d3d53cba07d31bd2.exe

Files

6d14d6c44e9b8ded1bb6ac2c057ba046.bin
.zip

Password: infected
f7c1bded8b82126980b2149af9960a2c4986188be76d74e2d3d53cba07d31bd2.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ