eaa65962797ce68df837f88961ac895a[.]bin

General

Target

eaa65962797ce68df837f88961ac895a.bin
Size

665KB
MD5

cc9af0dc2b54ce4d7554f51e7abffcc2
SHA1

9d28e9ff80936eb2fbe48ce7e8dbef3226e71f26
SHA256

7dae38ff17d7ade4bdc83b652121a1b90281e5c915f1d91f04ffae1e64e1e948
SHA512

6abe66f52b13a298d82e844824d82dc301f1a8ce3cc08ad8533f80285d84edf7110caf5f8cfcbe907a200ae79673e23e779cb68f5c09f9da1f2c54b89633b884
SSDEEP

12288:+aIRGu0Pl2hnFADjBayTMGtulAHn70eKtyNAqlSAwKF0yvY/Up6d6AdSZs2SPqfP:+n45sh8QGNulG70eDNAkFtvYzdNnQP

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/NEW ORDER -RA2000000056.exe

eaa65962797ce68df837f88961ac895a.bin
.zip

Password: infected
de47dc3211a804a39c03c4f646ca0f0b1d95c092a0cad1e61db9196394613beb.zip
.zip

Password: infected
NEW ORDER -RA2000000056.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

UaLB.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 724KB - Virtual size: 723KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ