18aab7228f684178f93f2ee6cf4e409f[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

18aab7228f684178f93f2ee6cf4e409f.bin
Size

720KB
MD5

4f0b9d814104172ea3085cab853f5346
SHA1

abc44009d91a93d961153bf687ad4badbdfba25f
SHA256

72716089761f07335836430a6efdb708acffc72570055620d02946e6ce4f5780
SHA512

5064f551c750fb5aebf21d0bad86b7a24456ce5c1f40c4eb2741ed5714fc1ec096327091ba4f6c513ebb5e2a31cd3762c175485de1a8b2be4fc602800c9c5730
SSDEEP

12288:BKFIowt1bH71K3/3Cpl1OqigDUBD2GaQkIQfkHvgtMhqvPvB6K:bt1D71ESpezBluInPgQqvRD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/21d5d8b254df4c982f0d5e2289dedce8859f154b494a7a560834c6ff341028ea.exe

Files

18aab7228f684178f93f2ee6cf4e409f.bin
.zip

Password: infected
21d5d8b254df4c982f0d5e2289dedce8859f154b494a7a560834c6ff341028ea.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ