2c1424a8a85dae75de98268298d024db[.]bin

General

Target

2c1424a8a85dae75de98268298d024db.bin
Size

631KB
MD5

d35d8eaeb95d586000fefdc9c0bfd2f1
SHA1

b01f0b5dd6e90952df32bad5f34a806da6cb8389
SHA256

77d2515e02ebb010f3846708c032a812a29ea1dbb4cfa0f6260735983ed178df
SHA512

f775eb7480922b1624961d00264e921699e85fc761489d1234c1c1efb5875ac84bfefb46b46b6ae4ed5279be624e56cceae94db0558e72de6cbddfc0d9294ed7
SSDEEP

12288:Pz2UwefcX3oGWX2+/RVaNnHYIr4LZHCDvFLeEdTkggyWC42Ql3QRVVK8+gQwfbwW:PGcGWXbn+t5ewddVKdgQcV

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/overdue payment pdf.exe

2c1424a8a85dae75de98268298d024db.bin
.zip

Password: infected
e38f859f13e982d332dada2cc71f6ebfeb87793959bd37642dc8f9a1d9b655da.rar
.rar

Password: infected
overdue payment pdf.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 743KB - Virtual size: 743KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ