4c4b53e5e75c14252ea3b8bf17a88f4b[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c4b53e5e75c14252ea3b8bf17a88f4b.bin
Size

397KB
MD5

0e521efc64596e842dc035bbf33e47ee
SHA1

f02512c9506a11b0be9ea4315738a8d524f682b0
SHA256

ad3454f9e0ad0cb36d470ac890c4a45838af852e2e813f66a9b0f9433fd10c0f
SHA512

78ee9b94ccbedf36b93527ac658f4e03b652d7a6a2bd4ee2e44ba7f6ced52fb2a8890ebc338ee1becb7c28e02cebdc5dc274f8d64f909a68be2110e1cadbab04
SSDEEP

6144:hXLaAEhJ6TC2z+jhjLvYdBJx3yPN7GiOoY3iTIIPlmAYpMCCVSgEM1PaRF32HZvb:hnEhJd00vYL3ULfIIdAGHqoPG25d1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/799b9238ec23d902f6a9172e6df87f41faff3f639747f5f70478065a35a37598.exe

Files

4c4b53e5e75c14252ea3b8bf17a88f4b.bin
.zip

Password: infected
799b9238ec23d902f6a9172e6df87f41faff3f639747f5f70478065a35a37598.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 462KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 578B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ