d4ba5e2982463378357486b8d7f656c1[.]bin | Triage

Sharing

General

Target

d4ba5e2982463378357486b8d7f656c1.bin
Size

24KB
MD5

30227dea3c6b3deb896fdc27bac01b9b
SHA1

4fc952eac0537306ea508530569d8a4eb01be78f
SHA256

f935004264672457491f62ec2dfee30c9c1f20690c2e1e87f339798d4b34ac61
SHA512

2e78b7c4cf4a108a31c7f83136969d3efff3bf50c443e98c63f1c2681946bb78f5f5c9c3a9baaacbe83a0ab1e5d8f169e8e87277ed62c271874000d251548e90
SSDEEP

384:ycxOnwAZdTTgJCBAkcURGyXgQotPNfF2CIxdcO/EfecgTrUdF+:yg8crJkGyQZN92CIxdcuEWdvUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d13bebabc4063d86102cef3bdaed105d826ee3f604986eebefa2e8be3620f29d.exe

Files

d4ba5e2982463378357486b8d7f656c1.bin
.zip

Password: infected
d13bebabc4063d86102cef3bdaed105d826ee3f604986eebefa2e8be3620f29d.exe
.exe windows:4 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ