4b241ba692cf4d44e9276e4d6eb43520[.]bin

General

Target

4b241ba692cf4d44e9276e4d6eb43520.bin
Size

661KB
MD5

f6d9d5e1b0bb1d89b1a9a036724e95cf
SHA1

60b151a6ae671cccad55f86634d14785ecec3b5c
SHA256

cfd66a961d17be3fe85691a124004255c02e8ac6c9414b8ca1a424c2cf2a9832
SHA512

a9c7e6334bedbe2db03482adfc669d52cae312d0a529c91118bbce73f5feb3622f1185ce451257453efe9adbd119cede8d64ebe70a3c795fed7c98b42cb56f81
SSDEEP

12288:UpWeEwALz8Y5eAn0UeIQsPv5hQt3pRZkXVfPA4/GH/UB67Bxf3v/hAZS5rcnmbiv:UplRALwzYDesZuRmF1/8/UBgBN3v/hW3

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Automate Purchase orders88777.scr

4b241ba692cf4d44e9276e4d6eb43520.bin
.zip

Password: infected
76d52e7cebd696a4f8b379cb2737ad8b160d6bc688d833dd6fef2e0864d611ed.7z
.7z

Password: infected
Automate Purchase orders88777.scr
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 781KB - Virtual size: 780KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ