4000d5e46cde56707f790809b10b104a[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4000d5e46cde56707f790809b10b104a.bin
Size

449KB
MD5

a160cb3463aee7a459eb4cc23f2b3605
SHA1

b72345476033680c1d2acd2183313570b944bd8d
SHA256

dbf38c1652579c041f3d980380d7056f376540e2b06143e401c478ca4353d768
SHA512

e6a183b17bba9bc09cd3a0f488a0c175f3ae25e17e0f76fe33de05a94e98761702cd8ba1d635192e5b26a5f004f92a2f6751ea76e19fcc1f2bbd44c13acd1ddc
SSDEEP

12288:McmJn+G/Yz2QweIL6xDN6R60fnh5CeXF9XOwf4:Mzrwz2Qc6JNu60fROn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bedec473c4313ce0f0ee5ec648d79994c7d00acec201c032699a5539176dc4eb.exe

Files

4000d5e46cde56707f790809b10b104a.bin
.zip

Password: infected
bedec473c4313ce0f0ee5ec648d79994c7d00acec201c032699a5539176dc4eb.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 477KB - Virtual size: 477KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ