b3605edf698023865b1e65852ff9e627[.]bin | Triage

Sharing

General

Target

b3605edf698023865b1e65852ff9e627.bin
Size

221KB
MD5

166c87f2ebf5aaf46e4b76e60e05cab4
SHA1

1485057e94213a1d02a1c10f59f1d50e53cb0871
SHA256

cd6b323e455ad47f4b395e8ee8e9a921b5bc22d180f2e1dfcab964ed17857ad0
SHA512

f656b649375cb7ca72a910188474e16fc8b99485844d7067773e621a5795a55ba68381083c6f888c5bcd808140cda32cf0b68189e564c3025fc48c9cc51a4acb
SSDEEP

3072:YjIMKa+pXv+dRd3L4Rsn9efjz8JWvEtcfwXbqWhvqI11LV2UDfXM0zdfxy/093TZ:bbp6+/Iy8G92ZTDdJycRT5X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/3c71bf86bdeb35c1b8b178e99f3193efabf63a55abebb3356426b731c362a255.exe

Files

b3605edf698023865b1e65852ff9e627.bin
.zip

Password: infected
3c71bf86bdeb35c1b8b178e99f3193efabf63a55abebb3356426b731c362a255.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 432KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ