372c87a49e2296bc7a5a95f8bbb12899[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

372c87a49e2296bc7a5a95f8bbb12899.bin
Size

642KB
MD5

b0e8ae48ff8ff3c30c05c18cfbbac17f
SHA1

4a6066fb3db49433532dd553a92a2e93f161371f
SHA256

a14295c0cde316127ab48bb04fbc92322664734b4ab9c75045422bb60f86e7ac
SHA512

a7a7c23817908c443839f843393c989f2c02dbd389b34903d667a87f53e677b0a4969fabfe4ea6bed9292802169119236681b6504d2dbff1683271f4df0d0d8e
SSDEEP

12288:fSQjNfaYtcceNxjoXEEarXxE0xF22HTaVV+hpcP125zeZr+e5Kz0dtCHY4+R:aONf3cJNRoXEEarXxFxQYsV+hpcPE5zC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f4d887e6fc202f352e7b998e12df3621e2074e50f118342427bd873231810a4b.exe

Files

372c87a49e2296bc7a5a95f8bbb12899.bin
.zip

Password: infected
f4d887e6fc202f352e7b998e12df3621e2074e50f118342427bd873231810a4b.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 654KB - Virtual size: 653KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ