040f9e138e1e4cd97b4e4ef067b728b9[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

040f9e138e1e4cd97b4e4ef067b728b9.bin
Size

746KB
MD5

6795a429bbb79961e3fca0934373316c
SHA1

db1cee1b2f1036b8682ce8b1a7029ed25254d653
SHA256

308131a6962a8f65f5c885c456acec07c291d32ef29867d6087f74c00c3e0be0
SHA512

be0ce2d6edd51fd52e96a58e93e419e82de4d643f5b26666c5299f668b895d73d9119a069cec708771da5686784c5d71c5cb1d80fd9a35293a50a7edef39d95c
SSDEEP

12288:YQdDq6/OZtXd60fm3hcVpaLxilGbi3JIebY7vmH5IMjhFQFJN:YMu6/cUGW6ZbuN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c3105671b44dbb43690934adc01bd2322763b6b9eaa8ca345f90a6c2de6bada5.exe

Files

040f9e138e1e4cd97b4e4ef067b728b9.bin
.zip

Password: infected
c3105671b44dbb43690934adc01bd2322763b6b9eaa8ca345f90a6c2de6bada5.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 923KB - Virtual size: 923KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ