8b4e3a62d01f4d0cf638607b5e7fb2a1[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b4e3a62d01f4d0cf638607b5e7fb2a1.bin
Size

2.1MB
MD5

5fd48eb2a49a5b577f5f8088030cfeb7
SHA1

4da186321ddbe15665b2e4727630e3559e56cd4a
SHA256

6733ba1e044cc9c4d326fba7de214cd22076e1893a536d25a2d61ef8719f659a
SHA512

42c4bf90395e4eae1609fbf3941547fc60483bf2ad7368e28e550a577bbc7082f91572dec980939fc2b9cca4e175f94f69b59dbff2c5608493999d16a32598cf
SSDEEP

49152:g/SrTG4xZ31qjMnzZDw60lkhIiCFjUy0u/kAWG8QmaLf/P8:vl15zlwLiijU1uMAWk0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4187407e94e390b8916206e2714b4941cacd06c60f9a8662f41b847cab5f2d5f.exe

Files

8b4e3a62d01f4d0cf638607b5e7fb2a1.bin
.zip

Password: infected
4187407e94e390b8916206e2714b4941cacd06c60f9a8662f41b847cab5f2d5f.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ