bf406a373f891fb3d3934b3000e80cf6[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf406a373f891fb3d3934b3000e80cf6.bin
Size

31KB
MD5

1d1a495e99a78f5e64ff201526ca8fe1
SHA1

162d2d41e6c69c114d6b412a19b8ed6832b507a1
SHA256

7bef8dffbf274fca3a89dd60dfef6bc17b2fbfcd8c3256659d1498a43e93faf6
SHA512

e114958e8a67db7ad6d4fb9bab5b220cee8a67d4f7dfb514741aaa8879a59832c0519aafe041884eebf62672f1764c3b8b575a71e03f38663b6ecc49d65a16cd
SSDEEP

768:0gnCxU7mZo0bKDb7AlAHGxGTSs5tw4ybNBuEA2goxz1:0tqmi0GDnA+mQuubybf/gsR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/83e73478f4be848988f43e16e81ceb24da7a2e729fbe004ce4aaa1a77243ddda.bin

Files

bf406a373f891fb3d3934b3000e80cf6.bin
.zip

Password: infected
83e73478f4be848988f43e16e81ceb24da7a2e729fbe004ce4aaa1a77243ddda.bin
.exe windows:4 windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 209KB - Virtual size: 229KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE