General
-
Target
4aeb9bf82a862e946918424b3f994f57.bin
-
Size
16.0MB
-
MD5
4aeb9bf82a862e946918424b3f994f57
-
SHA1
848b06744250c8f0fc5f5777bfb2667ff54deddb
-
SHA256
d62aaf50cf457314b1da4b94095251bfd4d30dbeb800802f6d1b2ef2cf6b7a78
-
SHA512
695f0e2a57d2070b4331007c85949e6debf6b4f718253294d0d7b162ee728a6b44fa3b6ccc3311d974452c773e23f1424a05c272bb3f4b94dd025b44b7f6b66e
-
SSDEEP
6144:hN/7iPrcL3ArwhBq7Kjsn9iHGXg0lwGS9MNNhdFvPxps9gsAOZZuAXec747ov:hN/uPq3AfK496Gw0lwGXN3pvs/ZuB8v
Malware Config
Signatures
-
Remcos family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4aeb9bf82a862e946918424b3f994f57.bin
Files
-
4aeb9bf82a862e946918424b3f994f57.bin.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
.text Size: 485KB - Virtual size: 520KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE