6cf234dc5736dd648ea27662e2efa934[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6cf234dc5736dd648ea27662e2efa934.bin
Size

595KB
MD5

e3df03b934b620f156e8e6dbfe692edb
SHA1

db365835f4b26a4d40de8ac239711757ece30cff
SHA256

a6d0b9a7931c65741d2e9e54774954c78126245e586713d212f7c9a047391c07
SHA512

5f33c2b6660d900723454feae092d5256b811f3ea7a9c2b6820d760886c364f8735ad8c5a5cc16975edba665d2fe985ec5aa6a2fe22f48761106fa5780c6babb
SSDEEP

12288:K0KciBj2O0hGgEs1Nvu+xd2NPMNleCbrjyEstafu6lEpCBH/DkjzH07:KrcHpEs1NvXxd1Nl3zyEQ56l2CZDk/U7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/06ad6fc49422d1360b84a4744d25317e5ee3a88868ff8487f975582b499ddfda.exe

Files

6cf234dc5736dd648ea27662e2efa934.bin
.zip

Password: infected
06ad6fc49422d1360b84a4744d25317e5ee3a88868ff8487f975582b499ddfda.exe
.exe windows:6 windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.data
Size: - Virtual size: 888KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 595KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE