292c9ddcddd8100cf10574e57b9914aa[.]bin

General

Target

292c9ddcddd8100cf10574e57b9914aa.bin
Size

889KB
MD5

4b3037362d0243f92d758e5ffe6ff6d7
SHA1

8dc9bb8d2210455cac47df9d9c0ea8fda57d89f2
SHA256

f4ca84537e2650c8a92dfd319efb37334db4a6b6e1dca369200f9a52a9911bbf
SHA512

63b266fe6d31b45bb88785017e869d59dcef923319d486ee775e2b26fd71c15259a2078ec39e77451ed96b7deac24500fbfec9089af1ac108bbe78262915bbf4
SSDEEP

24576:JqO9MFXyXOGqENzF9Vkqu+4RGtD27Ks48eJ:0eMFXyXFNdkquitD2eVJ

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/proof of payment.exe

292c9ddcddd8100cf10574e57b9914aa.bin
.zip

Password: infected
d1048505aa7b7d0ce07b3ecbca5d45a79d38db8564b427e234b094ecfbb83135.img
.iso

Password: infected
proof of payment.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 901KB - Virtual size: 900KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ