3c6f9e3babe0abf7f7cffdd5973478a4[.]bin | Triage

Sharing

General

Target

3c6f9e3babe0abf7f7cffdd5973478a4.bin
Size

637KB
MD5

3d0e44c7eb884377243276d7ebf55f7a
SHA1

6b6c106bdeceea1ffc3fbac933230b132c817f26
SHA256

b0c5655533a7eda279a021788c5b601ed0e141a7dec0ef41860628e465547243
SHA512

facca75846c5b728df998ee92fb5b8433f17fb3af277cafc25eb3001e9f5482e2b61192c33b4caa633aefa2d4c86b905bd77d43e72e5e9aafba9958df78b5baa
SSDEEP

12288:zCT7SwrRX0dpgkK37aGT3skAWOt6eO6lC7vY9L5+yDw1Mk9ZSjKZBt5JK9WCB4Q:zCywr+jgz373sAheONzpy019ZSup5k4Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/b700c973b1bf8d288ca8cfff7d713485f9792d8901e6658bd419ecf7cee76168.exe

Files

3c6f9e3babe0abf7f7cffdd5973478a4.bin
.zip

Password: infected
b700c973b1bf8d288ca8cfff7d713485f9792d8901e6658bd419ecf7cee76168.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

LWYo.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 669KB - Virtual size: 668KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ