3511103f32a3f171a7aa99dd2df35821[.]bin | Triage

Sharing

General

Target

3511103f32a3f171a7aa99dd2df35821.bin
Size

411KB
MD5

3511103f32a3f171a7aa99dd2df35821
SHA1

8517c2d20357b7db7d422644ff98b842406e7147
SHA256

9876a1a45dacfccdbd6f61dd780aba57bcb4a82fe48eedddb2419409ce5d496d
SHA512

5f58e01167f11d3e1e3936a6f6a90e2543f83278d81476456e6a6dbcab43a900df255bc24b856b0d5dada194237c0e8ed82f2bacf65c24ed0660a1484aa4d3be
SSDEEP

6144:KPG5om0gUpt8qnFtu/wg3h6S1/DB46503IAJsITWef1XYtQ1GXTSCCEed/1F7FCT:ApVXuLhlD87/YW1SDep1xFwesIsD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Rookie-PCVR v1.4.exe

Files

3511103f32a3f171a7aa99dd2df35821.bin
.zip

Password: infected
Rookie-PCVR v1.4.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 517KB - Virtual size: 516KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 403KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ