8bc29f39922f7905925d0f58e95f1a4a[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8bc29f39922f7905925d0f58e95f1a4a.bin
Size

652KB
MD5

7f9ad38bdba6d3b2e7b307d25a70a315
SHA1

c2dc417ea518f8892dd783ed527fc1ef56c7f13b
SHA256

b853af16dfd90e70457f58ff5525c230f27daee18398a46ef6430e99a3547303
SHA512

a8693d3a2bca2b30359c53dc1888a91c2a2099b5b841337ce93c714b95992d3ccb5c1525a75071ec4cdd2e95c9433081c2d7b1a0274868dba5b279b5d9ce14a7
SSDEEP

12288:ECiry0/Gp1t4Ps0KSEIebXgfVMNWbS92rFIU6vDhFfL7ZTZNWsAxJ+MeeVHGJtAb:EJLGHt4U0KSaXguR98F36v3fHZTrWsA7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/5c4064658cfc929bb45169b4ea8f237984acd8f92ee45892c1b05bffc61cf0aa.exe

Files

8bc29f39922f7905925d0f58e95f1a4a.bin
.zip

Password: infected
5c4064658cfc929bb45169b4ea8f237984acd8f92ee45892c1b05bffc61cf0aa.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 698KB - Virtual size: 697KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ