0600dd6ebe80b1861cb363476c01f95e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0600dd6ebe80b1861cb363476c01f95e.bin
Size

101KB
MD5

4348fb6a192779357d260a5c75be01de
SHA1

fba30e7ac163daab8b5a8a8ccf6b9259d16cd4b9
SHA256

ff39af36d9260fd6735e1a151235be694593ea14bfbc73f77ca9f4a9da4b810b
SHA512

962035377060793de86ad444ffbde25cd87161bb69babb2cd6fa38cc9d07564b92d8405638b0cb605be9b500b524659830a7f4f3772abda6da9154fa7f9c2bbc
SSDEEP

1536:YwpgKbmD1IduR9kVyRyuslf/k9dTntdmR8ybFLe7H1XDBH0Iny/WLkcGFESLH:6KAR9T5SHKtdgOdHVlLkcGtz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/093b4cd8a3f9e456fd7061c2e0f44ce0763aecd9f9ce735adc5da68fa68df6ec.exe

Files

0600dd6ebe80b1861cb363476c01f95e.bin
.zip

Password: infected
093b4cd8a3f9e456fd7061c2e0f44ce0763aecd9f9ce735adc5da68fa68df6ec.exe
.exe windows:5 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ