6d26359927886760ffa291fe921867c6[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6d26359927886760ffa291fe921867c6.bin
Size

1.8MB
MD5

d84ec76e432d5f54c1370bd635708f0f
SHA1

5bf68be3569f188bd59f3d95da580bee91fe0998
SHA256

1a91d66e2b7425dedfa6aa9be31cd9643dfc7aaa0d58a7c347c78d08c52a6392
SHA512

49b04daa5e38c6a18241c2488cf1f9770c3b761a1dba3754a36669c377215236375f7a2e3eb15ad974fe1b04003963bf115bad646c3dbb9bd1cce071e0e584e7
SSDEEP

24576:HAhW+8XJ7NtLku4taxUGQffvqkpsOSFwY7P+rxXkGtZkQ/WvMj7FV/YKLXyLDIr7:aW9JJuu+9St/RWk0ROvM/H/1b1wRE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3012c20b03ff9ce7420c6729f4e55e38204e294dcf2f60c1357587d86e118258.exe

Files

6d26359927886760ffa291fe921867c6.bin
.zip

Password: infected
3012c20b03ff9ce7420c6729f4e55e38204e294dcf2f60c1357587d86e118258.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ