80efa79eccfa246506bd8ee651b8d257[.]bin | Triage

Sharing

General

Target

80efa79eccfa246506bd8ee651b8d257.bin
Size

311KB
MD5

36a47711fdb256551f50c305f7647567
SHA1

3bd88af5b74e16d79894949768942cc01d49a627
SHA256

7b83a4f34e05fe7b8284f7955f69c6048061296558268d5f872019d3f713d33d
SHA512

ffe2cf93bcb483ea386fb74f3da4654227ede0e5e73a4856bc3931498f55ddcd677c88154efc8b760c1bdbb5e12064a35559a42b6078737a910b1c2cdd22352a
SSDEEP

6144:xoSKfbLGJ3/t4buM9D2bsMzvfr5cUu3cbUSc7wCtAtbmpG:xoZTO3F4buM9a4Mz7ScVc78p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8a3b1c3b243c320115b7c69a84abdfac2556e4bcab2f5780ddfad508c6618d4a.exe

Files

80efa79eccfa246506bd8ee651b8d257.bin
.zip

Password: infected
8a3b1c3b243c320115b7c69a84abdfac2556e4bcab2f5780ddfad508c6618d4a.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 338KB - Virtual size: 338KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ