4d4b96d3b42def3fb6593e932a2f0432[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d4b96d3b42def3fb6593e932a2f0432.bin
Size

647KB
MD5

013297da1d621a00992bff742ccff252
SHA1

b7751d43e518cc2463d807007f7781ee705d4312
SHA256

65cda8604338908d0818f71a35ed22d678a160d4d36b4eb43e0e55c6c8a9d7b7
SHA512

810db5e101c3a4644cda67212f14af39121d5af8ccb2ec8c6d8a44c5a56219bfa658825be82908ec833187dc6b8df7e4a95e7b9c6f47cec5e4a654b097ebac03
SSDEEP

12288:Si64ahn19U6ajeGxG6aFragm4jtxx/iYSRPtDlxWRB9WQ69+yOYS7hi1HCvHMM:Si6vB7U6RGA5agm4jtxx/6FRlxWRYR12

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e31e5e11cdcc7b8553d2727ad88e8e44f33fccd31892d9779a6c312fe7f56a86.exe

Files

4d4b96d3b42def3fb6593e932a2f0432.bin
.zip

Password: infected
e31e5e11cdcc7b8553d2727ad88e8e44f33fccd31892d9779a6c312fe7f56a86.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 824KB - Virtual size: 823KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ