f939e4e486b3a8611b8800a2e5178706[.]bin

General

Target

f939e4e486b3a8611b8800a2e5178706.bin
Size

585KB
MD5

7f711c9ee22ebb63f042baabfb6cdfa8
SHA1

a84bca25ed23af957d357c3243723330afc62583
SHA256

4628f44e616825042f77a56e752aac905c6ce9a1e6830f11a6a14682900d4288
SHA512

a1dabe0c8ccbca4361ed16db836707df56eab2c189c731b306ad045fe95a61de4819590e5ae5f9c791fa7bcce62414bdf486a8e7cf7e547eeb230defee0eef4e
SSDEEP

12288:37U0U0MXGvamyVrIGQ/pVc0/GybuECHzvauSdm3itaPHAt+IPs:rNU00RFCpbyE2iaot9Ps

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/E-Remittance Copy.exe

f939e4e486b3a8611b8800a2e5178706.bin
.zip

Password: infected
8964d755c2f389912c29fc1e6ae88443aa4f8e854ddd9896b85938d51ebe74ae.ace
.ace

Password: infected
E-Remittance Copy.exe
.exe windows:4 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

peym.pdb

Sections

.text
Size: 615KB - Virtual size: 615KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ