7cf0ba422c37585d399e4dffb0b7757c[.]bin | Triage

Sharing

General

Target

7cf0ba422c37585d399e4dffb0b7757c.bin
Size

6.5MB
MD5

28c71937244877980b0ee02e301a97b6
SHA1

683cac34cc1472ecb111c527c8a92d173b683042
SHA256

3148cfb653836bf50c141cc59904eb2df60e59ecc548d00ecd4925a49fe51658
SHA512

3412777f446d9e00b4e15ab6b6c306930dfbe27ecbfce298629c901e89b7ac2515cbf035af35bc07bbb56e69ef4a2bde717771d771c4e95a84b137927d8a3d17
SSDEEP

196608:c9dCaSU/FMAW4zg2UD78lob5XNJibrNnElsmEcgx:c/Cp4OAW4Avzb1NJibrNnElpgx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/b20de9452f77b912c49bd307cc1e2550abb4e17d8497655e64ed0883ce4cfcbe.exe

Files

7cf0ba422c37585d399e4dffb0b7757c.bin
.zip

Password: infected
b20de9452f77b912c49bd307cc1e2550abb4e17d8497655e64ed0883ce4cfcbe.exe
.exe windows:4 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ