7978a3f9eff77dee615129d9ed6336d8[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7978a3f9eff77dee615129d9ed6336d8.bin
Size

673KB
MD5

d4e2503c7ee59a0e0cf675e4b689a289
SHA1

74ddebc4c73d173c8de9fb2814486a751470647b
SHA256

fbbdfa5dba948d07b92479e3da9c01a9b240b78934cbbc3deded2f10fd927e91
SHA512

3983ac881f409805ab6e1c7ae7d5541e78f62dd0fbb25262cdea2349bb33683ad3dcdbd3e87fd36130dd6b9d5866fdfe586ea74e5d958e39d0654b2db4da0806
SSDEEP

12288:VF5/3ao2inJAg9Lcd4UoZriJ8CA7j/ICv21i3t7OKk1ZUArcbAQKvG/UeDOvmWY4:VFQUAgWdgr3/u1i31OKTArQrcmPm6I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2552c17f73833a975c30bfaa9d5591a979761bbf2a392389b095893ef6093e1a.exe

Files

7978a3f9eff77dee615129d9ed6336d8.bin
.zip

Password: infected
2552c17f73833a975c30bfaa9d5591a979761bbf2a392389b095893ef6093e1a.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 685KB - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ