a9862010588f43a61bd317483b93947b[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a9862010588f43a61bd317483b93947b.bin
Size

498KB
MD5

e79815a740e092ac0dc19217de1a4f3e
SHA1

3ada978a3f5060cc980cdbe54cbc0cbe2cf139f1
SHA256

49c21f3186b335344bdcf60a381000d795da7aaa94a0b65d522899703bd7c149
SHA512

df91486c176a68357deff7ef5ba5ede611941e35f5be5aff0f7dfa50ece40e835be8479c7104b3a786947d1d319920ae0a00ef29c9badfad805e7d3e9e825bae
SSDEEP

12288:BpMLAVhZY+Qcy2Wj7mvH0fO3X65bJiE7OiGhfoO:BpMLAjS3fjyvkuKtJiQOuO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/74ab97b09af8d1277126ff92b065ce8f08c3dc28f17745e78c0d8fcf0e8b5447.exe

Files

a9862010588f43a61bd317483b93947b.bin
.zip

Password: infected
74ab97b09af8d1277126ff92b065ce8f08c3dc28f17745e78c0d8fcf0e8b5447.exe
.exe windows:4 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Windows\Containers\Confidential\DotnetGenerator\Stub\Projects\Fallkyriya\obj\Release\Fallkyriya.pdb

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ