f6d6fb984758b3f83d20bb10b8af1c76[.]bin | Triage

Sharing

General

Target

f6d6fb984758b3f83d20bb10b8af1c76.bin
Size

533KB
MD5

c2b140f73638282a8007efccb9daf50f
SHA1

563f53d30ac378a1576a62731c602341d348a8f2
SHA256

ee66900aa52311c88264cd7453f7e31efbe53d9a180384ee6d59f189016f1a64
SHA512

ecd0c2d370950483c744919cb70100df3ed212eabf4abf9575e10354160a19c009e4128b1d1209efc0285d678d7283158894e7d3537e1c72a0a5a8e8b8a2ff61
SSDEEP

12288:otoxoSAt2OAdrAvMGGZ7lhZ7Y17Pb3jvYqPQatg3uZwuoBhyeMIKSsD:kiAt2BdrIWZlYB7jAGtg5NFMDSsD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2847858d6dff7daa0e79508437025c0a1640f609ba9c4d8219edd4cf9e2fc276.exe

Files

f6d6fb984758b3f83d20bb10b8af1c76.bin
.zip

Password: infected
2847858d6dff7daa0e79508437025c0a1640f609ba9c4d8219edd4cf9e2fc276.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 691KB - Virtual size: 691KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ