efc1462c7e7cec64c7c4415a055b7ffd[.]bin | Triage

Sharing

General

Target

efc1462c7e7cec64c7c4415a055b7ffd.bin
Size

38KB
MD5

c7555385e59199e49b664928dec21556
SHA1

f9b78582f233658d0a85be69e8067245e7aaf5b4
SHA256

d02a35a91db8aa7e7d62ef72bad9719d4490f8f626c504c027347e8981ff20b9
SHA512

18ecc730396067b559a0b15ebda26cfcd9443839382b903a217a934a1935e03f0852bf5bc610e8641ad1ddd13f085dbcc8550def04aaae9c1d2763da93cb63ea
SSDEEP

768:YzBZPhvMi8b2BfqH9m2pNiJu+u2I6m92zK99z80atBCB71zD87gfq:YzB5ESBV2ys+VJzK99z80bDzgcfq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0f76792935529fd3037fa201ae6b0d644f793972d3ce28bd4d473d1d56eeb8ab.exe

Files

efc1462c7e7cec64c7c4415a055b7ffd.bin
.zip

Password: infected
0f76792935529fd3037fa201ae6b0d644f793972d3ce28bd4d473d1d56eeb8ab.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ