9d697a19004e86acede9ee1bef4ff664[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d697a19004e86acede9ee1bef4ff664.bin
Size

116KB
MD5

7cb2e6508665716be37d4093f56c1c51
SHA1

0a6a425efcf3f57792dbb25ac716d7a68ee6e919
SHA256

062cf8a91d8788fc27e24975585048611de050c1e70dc29d9d8fdda4c7a39de9
SHA512

f318085a65ff28695f9485d4c0aa318f68c328a06a7cb06469bc586b7962b36c24083fb1b6fae79262a06a8eff591f9ebff9b5c3aa94e677c4995a9dc69ccb06
SSDEEP

3072:03yl4ocL4esqyBk5Ns/o2yTFilyVJZTsjCXLwjxoMu:gylQszGFiEVnsFxPu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ac1fa54c26a22f25b1d78ab15315f48339eca43645162de8ad9c77d83a7c7f0a.exe

Files

9d697a19004e86acede9ee1bef4ff664.bin
.zip

Password: infected
ac1fa54c26a22f25b1d78ab15315f48339eca43645162de8ad9c77d83a7c7f0a.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Mostafa\Desktop\xRAT-master\Client\obj\x86\Release\Client.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 269KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ