e1e802fb878301d7cef61a933f96bac9[.]bin

General

Target

e1e802fb878301d7cef61a933f96bac9.bin
Size

603KB
MD5

80a35c29997fb56a213a13558cb7da5b
SHA1

553230ed054e649e62744dd3d6eb73face2dea5b
SHA256

4fd6bafc246d55261dc5b805e2293b0ed51902f77f6689689266c1132abc379e
SHA512

ed914bf51a9e9ec212d34e7dec0994b5b127ddb0b3009a2d4ace8e9c93f1022f81ec57586e485d2566e677a0d9734e9c164b4e9665f713fce8ff6b8b44e29615
SSDEEP

12288:W/epu2XnwxwyqvtCV/6Eh2AfTdzRjByb1RnkpNh4cR8xV81KeS507:WGpuGwx7/d2UtjBybol4cR+oKL07

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/BBG76865646 PDF.exe

e1e802fb878301d7cef61a933f96bac9.bin
.zip

Password: infected
aba8965046ef789af4dff4813e508cb38b9b3931e80311b114c0862127bc957b.rar
.rar

Password: infected
BBG76865646 PDF.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ZVFF.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 610KB - Virtual size: 609KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ