6a4c99c2e02297e23f3a3c35b5546585[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a4c99c2e02297e23f3a3c35b5546585.bin
Size

610KB
MD5

64972f0b12e94821a670faea674997d3
SHA1

6926faac2b4b8f7efd17dee72bf0c5e70e4c1e54
SHA256

73d62262e955e363853d7be21ada8dca9845e0c8ea2a35cb836b082d54e0c926
SHA512

9e3b9cd22c64be211cd7615d3d1cf28018a284578e3852308ecdc81ca6f5fa7360f96f8e455585e916a478e13379d074d6c142c0482575d5ba63ffbd7bb6d885
SSDEEP

12288:xIq+tsnJrd569pyjtf/oTfMugVFuVWB0elp937yLJmcIwRRA9d:d+KJrd567JcNBppCzjA9d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d734447cac7e7f4656b9eeae3a3afbbbdb5de5383a086258e8c2bbd60af69489.exe

Files

6a4c99c2e02297e23f3a3c35b5546585.bin
.zip

Password: infected
d734447cac7e7f4656b9eeae3a3afbbbdb5de5383a086258e8c2bbd60af69489.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

tKyoG.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 619KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ