36c0506f71e62b803bc3a30f54f18424[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

36c0506f71e62b803bc3a30f54f18424.bin
Size

600KB
MD5

c4d52708a8466d7fd3899029f2cd6cc8
SHA1

064c8685660043dbd9e4f48046bbbc998b4860c5
SHA256

d1d60d82f9182818871492815d064483cfcc32c4d498f9a33737f2f8e90e4984
SHA512

f5fec5500460dd0a504ac57c9862d2cfc86cad47eec5a254eab87642ed83abf3b9acb7e97be3158d99c65b38c3c45eac791fd3c34dc96d2ec285105d92f9cff4
SSDEEP

12288:YSG1fA50MqRmaIE/sTZe9Aax1EOHdwSryqoupYlaq5jeo32czy:d/TCfIE/gCZ5dPGqzYT5jv5G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/facf82cbd92c630b669aee9f598410271e1f6922a6900e8de660901826701c1f.exe

Files

36c0506f71e62b803bc3a30f54f18424.bin
.zip

Password: infected
facf82cbd92c630b669aee9f598410271e1f6922a6900e8de660901826701c1f.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 666KB - Virtual size: 666KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ