976b3400d5b223273769ec4d3a9018c2[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

976b3400d5b223273769ec4d3a9018c2.bin
Size

669KB
MD5

e776404c63bfb03c2c939767fa42cf96
SHA1

21ed537dd0477964fbfa06744bcb263157052412
SHA256

2308e84f9ce245331548279d4e276121a75d1c7289fc6fe99d5e2092856a5cbe
SHA512

55e0e4b20c1802e7fd4c808df4464e8b0c04aaf395ccdc50a016524692aeae9dd60ad67c7a4357608233d7fb4806a14cb1d57ca6eadbb75288fbbda6e421e92b
SSDEEP

12288:9ZmLQ4DvO2job5s3cZoC+3aDFLwiaQhlOObq3UFufllgfIGwYqtmkSa0:PmL/LjjEs3cZoC7FwolPbSdfSyw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f0001a00a9509096ddf2713ec4071afa151e31efe64ceeaf6fe5d1a0b3b2343d.exe

Files

976b3400d5b223273769ec4d3a9018c2.bin
.zip

Password: infected
f0001a00a9509096ddf2713ec4071afa151e31efe64ceeaf6fe5d1a0b3b2343d.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

rDbQ.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 696KB - Virtual size: 695KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ