a89f5a781a4d5153ca31ed64ce27b379[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a89f5a781a4d5153ca31ed64ce27b379.bin
Size

7KB
MD5

3121e976662899a6443d0c662dc67e9e
SHA1

4ca731c9c93be4d41f381891fa1c25bcca7afb8b
SHA256

0a023b1b0d1ed7cf0748819a6ea0c32a9a50941a4fcdf0e00ce1be0e5359e733
SHA512

9e71730f5edcfeb655898120d2f50172d48273fc0ae6b63d153e2fda6b65d0084e93af744bdea2dd41b128e16a2b8b4d849c0b7c820be05d18a9d926b19f0cac
SSDEEP

192:lb0WUA3HsstGz7vKhWIeiEaFtnasdH6fWZ:eAqfuWqdHs6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/edeb7fa25c34426f14f1a4fe13bdcd7b0f3a3d6291e6ca883fe7b9a7503d622d.exe

Files

a89f5a781a4d5153ca31ed64ce27b379.bin
.zip .ps1 polyglot

Password: infected
edeb7fa25c34426f14f1a4fe13bdcd7b0f3a3d6291e6ca883fe7b9a7503d622d.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Boss\Desktop\Laps\Laps\obj\Release\Laps.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ