f942afe139aff8f152db78870749913f[.]bin

General

Target

f942afe139aff8f152db78870749913f.bin
Size

656KB
MD5

25e31b2840fd9307f12233952df74be6
SHA1

fff4bb9d95f8fe2850bace981fcc43c3b9bd97a4
SHA256

0704b6013eca2b8262cd1d8120d0d57a456c52d77af3eb23687ee0132b733c55
SHA512

016645efe52d20986a3aa4c31b6c00a5ba22403ba903cc3fdbce0e35fe1055f64d492e81d4414c62319c2a009be1787687c57f3bc2b4373cbd7eb3e404635c26
SSDEEP

12288:HiUebXrzEwk0XSPw63M/eUceRsTCAtcqGAtmp12Z:HHe5rSI63M/rKTCAWqGAtYy

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/hesaphareketi-01.pdf.exe

f942afe139aff8f152db78870749913f.bin
.zip

Password: infected
79888e144fc2152415bdd365eaf844ab5a45f2b16038471ed9f3c1daa0c0290c.tar
.tar

Password: infected
hesaphareketi-01.pdf.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 681KB - Virtual size: 680KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ