6a8dffd20be3520bcfc96925ad0d8d89[.]bin

General

Target

6a8dffd20be3520bcfc96925ad0d8d89.bin
Size

646KB
MD5

37634ad346748e4a199a3d2e748cfb16
SHA1

ffcb081b7a2c4d049c1de6908478c984e2cde322
SHA256

f601b935a9bfcbf3d80954bcf18b705f06d2daeadb6b77759e3a6a887e35721a
SHA512

e4e46432116c21ab6597cbcd8c7a060af29131c5884ef03dd1520a2179b2f8c86c9a5c637a00832747e27b7e63952d5ed91142e1e9e4999fe61a243d97da5468
SSDEEP

12288:PPsDqc5EaFEpQm3UFVBKP24XPMEDzEOiSeMDUqtAJdZg5akIg:Pkqc5b6OBFfTMzeqgZgAkIg

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Payment Details.exe

6a8dffd20be3520bcfc96925ad0d8d89.bin
.zip

Password: infected
e9183cdb2a87d7cdd94f78fd9d29861b13085e8e3a71e44d2e690386504a5ea3.zip
.zip

Password: infected
Payment Details.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

fJtz.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 696KB - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ