4b6a9daefc35a680c726bede57b9a1e7[.]bin | Triage

Sharing

General

Target

4b6a9daefc35a680c726bede57b9a1e7.bin
Size

841KB
MD5

4e1fa05b588ff05475076bed92af66e2
SHA1

4e20bcaccf780a837e9a720025e1c45776fa4cd1
SHA256

d584b7069ec337044e57af66df7c2e6d70e2542993307d9a335d4861091f9c47
SHA512

1afc8990f431e9e21711941cb8795eb4b4ef7ec6a1c2b96a28b4c9f1ae409dac35402c36a1261068fe1ae51b6c4edba0a351bb5e3b8e94af642f82483964a476
SSDEEP

24576:+sNeTAEUCiH3W4MNwlD2MpIvURWWXIosOFMjtWbgDtAZD:UUEUpHIqYvOt9lFM0bgDtm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f4950f52673c4a9fc9a369228ba52f417038fcbba3901245921ba8a68fba5a6b.exe

Files

4b6a9daefc35a680c726bede57b9a1e7.bin
.zip

Password: infected
f4950f52673c4a9fc9a369228ba52f417038fcbba3901245921ba8a68fba5a6b.exe
.exe windows:4 windows x64 arch:x64

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 855KB - Virtual size: 854KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ