b9a7882e99197bd0b63051101adfbc9d[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9a7882e99197bd0b63051101adfbc9d.bin
Size

692KB
MD5

4120a5c56dcad46c366dd001ae5d0888
SHA1

12bf81076a8d6ca52657e6cc5199ca65465de0de
SHA256

af7eb11d04bbaa41cddcdb9c58637838ca2bf5a46aed1ac88c9faa988f27c818
SHA512

d3c60eca0e878b37b6f083b0bb7134661f73e4644d03e980eb1f77a341faf02e3d148174a2c6bf181045e1e54f62d3bc549d44ca8b12a51f98d42a1db568acbf
SSDEEP

12288:RCyYO06hF0MRP/XMnbPfRjnl3UxBoBENyk5Xxh8ZFHj7EniAqdi:RCyYO06hF0MlMnbPfRTl3UxwEy8hhoFU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7e67a390a2557aa2dc6f740d1b0906f74f6a9c6875800746bbeab17b2e3f0fb7.exe

Files

b9a7882e99197bd0b63051101adfbc9d.bin
.zip

Password: infected
7e67a390a2557aa2dc6f740d1b0906f74f6a9c6875800746bbeab17b2e3f0fb7.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Tcvy.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 838KB - Virtual size: 838KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ