bc5a741e49a5301e5e9c81bad92ac1ad[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc5a741e49a5301e5e9c81bad92ac1ad.bin
Size

114KB
MD5

3ed36111ebc27e62db53a36cc1df6ee2
SHA1

038fa53aec75f0058fc86a06cd97644f345aa32c
SHA256

c925d9eac9b4ad5f48232f337dc885cea1fd008372c6b215194d8dab8ceb54c2
SHA512

8c036bc6e65353d15c996a8740c62a5177d85f32e32119681ad928b934586960c0a9de73e47ea9977ea4c2479bd0b37968d69ede6e9f2f32f04556e0f19bcbd2
SSDEEP

3072:Ou3wyYsiWh8tLhJnst0rqIOUe8uXxshgiOga:Ou4W6g0r9VuCgiJa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b367ca572bc89b61ffa5ce5511d96ad100b37d4aee235314a9573e579b82ab52.exe

Files

bc5a741e49a5301e5e9c81bad92ac1ad.bin
.zip

Password: infected
b367ca572bc89b61ffa5ce5511d96ad100b37d4aee235314a9573e579b82ab52.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\6oj9np5\obj\Release\NETCrypt.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ