6e79997d9111751211864b4e468e390f[.]bin | Triage

Sharing

General

Target

6e79997d9111751211864b4e468e390f.bin
Size

2.7MB
MD5

76ec2c11bf2f04ab4f1187f1dbe4ae49
SHA1

5ceae126bee1d466d0271309b143be05da71cfa9
SHA256

c645197af9fd3eea23d31dddb142dc2097653832ab46b4174bb1a1d5ef0d9f4c
SHA512

65fe908ef233afe9b1ae8a7af1629c073c70fa708ea57224abbf6bff381966d0ad923e898636b3c1be8130687cf9c55899ccbc5a009cecd743de0bf24067d48b
SSDEEP

49152:JB8OCgERbl3gFMgfsUhmhHOWVXFlW8ip/kYcC5lH6/AL7xjXx9+g6A:/8hR5+hEUh6OafQkclHq4ljXx9x6A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a04bc4d06ea0530391a2c7d1b381a9b6d23af6965e345ae99290755c80c1d751.exe

Files

6e79997d9111751211864b4e468e390f.bin
.zip

Password: infected
a04bc4d06ea0530391a2c7d1b381a9b6d23af6965e345ae99290755c80c1d751.exe
.exe windows:1 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ