7d784b92dfbb63809de8072978d2d6ee[.]bin | Triage

Sharing

General

Target

7d784b92dfbb63809de8072978d2d6ee.bin
Size

4.8MB
MD5

8d3d9bf2f33223c5eacd32a26a44d7f2
SHA1

276f7b9bb4433906974dec217e1bd0e0c15dead9
SHA256

444b1c36d00ff24613da66f8665c1a0f66730ed4562fa128f493d8edf4a7fc44
SHA512

9b671aa4f5d90ab0f4c0e203f89fe6dd3146b43d301a51bb71b1cf3a834169581bcb4f0f35e143b516e2733c53be4d27870fa9dd051967d2e73536b7a28a9b12
SSDEEP

98304:LyTFem9WqZfMlfiH/wIoID4f6+VQY5GwVq+62KztRl8bVeDtYnGQwE1:KwmvGfi43XnQY5Pc3abVitYGVW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/6072851f5bb88b54feef9c7aae9a016cfebe3ec37a794791960e6bac46c2c71e.exe

Files

7d784b92dfbb63809de8072978d2d6ee.bin
.zip

Password: infected
6072851f5bb88b54feef9c7aae9a016cfebe3ec37a794791960e6bac46c2c71e.exe
.exe windows:1 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ