b4f0180afbbf022e4d0f3d85c5e461ef[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4f0180afbbf022e4d0f3d85c5e461ef.bin
Size

1.6MB
MD5

2f858c5f1329d13ecdcea5c943332180
SHA1

56be3c372a474805641527e51c195c2f25f1e789
SHA256

33082885bda70f76aeb2348b81c157afc21dc2a3f3755bd1e24550ddb11f508b
SHA512

6dea22fecfb6fbec4c75ec8f0519c12259422a7b4f47d4a510d57d2b7fc0c06958d5a9a857d3b5e613f8e5b6474ceca73f521fd432dc40b53495b3fc0a990c94
SSDEEP

49152:S8SpDZFLpE8yrW/utxr95h5zatI8iP899:S8SpzLpEtrXhiDH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/46304a29d2614764464359024e18491ab8423546564a2044eb875a3ead4c50a4.exe

Files

b4f0180afbbf022e4d0f3d85c5e461ef.bin
.zip

Password: infected
46304a29d2614764464359024e18491ab8423546564a2044eb875a3ead4c50a4.exe
.exe windows:4 windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ