66b045bac49f6e2c487b456981cc6477[.]bin | Triage

Sharing

General

Target

66b045bac49f6e2c487b456981cc6477.bin
Size

362KB
MD5

e2f253ec5e983fe259d8ff658973cd0d
SHA1

0b29c8bc01528c7c0dc9522e6a6f707d83be312a
SHA256

564bf840b59d0fb370027c1c736ed5a298fa4b40d230b85540ac293617ce67bf
SHA512

cbc2912b496d0aa1a59d1e2ce1ba098a3131ed1b0896fd502367a3d874d37abf079dd06d9210ce0956180a8e446edf1fbfb8541ccb3481eb6b128a686f079cdb
SSDEEP

6144:zXNrlZ6kleDdBmNvGT8M+SMGMW5sXPdrr58QJ8FL6RX8/2r50W8/USlvrhF8Feuk:BrlZQo+T8Mz7MbP9ldwoX8u918sSlvrN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/50ca22bad815ec837e9145bb7322e13989f2dd16a236268627d9098df28e68ba.exe

Files

66b045bac49f6e2c487b456981cc6477.bin
.zip

Password: infected
50ca22bad815ec837e9145bb7322e13989f2dd16a236268627d9098df28e68ba.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ