777f716b47261f01d1f8d131c7b7c587[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

777f716b47261f01d1f8d131c7b7c587.bin
Size

604KB
MD5

4d60963a85452042cc55443e20394127
SHA1

7fd6920d97c94a22c5af85d30e7c5a9c21e32d2e
SHA256

fcd67665d9a401f9202817f4242f8a10222ee4fa6adda8146aa69abc47fba4d3
SHA512

3ea6b97a43bfc4283598a24d13be427b839b43b7523986513669b1c626629e513165b4614b2361bb8898d4decaec42b6e9535f6b3536c5f1170b2333d4ab0f01
SSDEEP

12288:UPlESORKKm+P5BHX3AHvhOf+u+ZohEuFBin5+ZFsFnpr8VKh32:+tOAKT3okf+Kk4ZuFEM32

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/78b15621d0319e8b7a105e1aa9a1927fb434bfce29e2a4f56051f552e393f08a.exe

Files

777f716b47261f01d1f8d131c7b7c587.bin
.zip

Password: infected
78b15621d0319e8b7a105e1aa9a1927fb434bfce29e2a4f56051f552e393f08a.exe
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wCeY.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 610KB - Virtual size: 610KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ