2bd4145da31909b2dc0d423a626224a7[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2bd4145da31909b2dc0d423a626224a7.bin
Size

2.0MB
MD5

77412b541893972eb8b22fbe330cdd70
SHA1

a4b0b81304f3a88f41897404e3fb4025bb21d0e4
SHA256

316c0f6fcd9734ac771196eab72f068dc94cccd946094aaeaa79ba4d7feca905
SHA512

005c7910a2b8616396ac6555013ce48c67bfa092682543291ac4faaedbdc0775b11842f589ed7006b74af5c7b26466e0cd8af5446daab1ca1cec3516b4903508
SSDEEP

49152:WTvpL+y1lVlVfNpKXotKjnpxpg06GShmZhs5uqBAI7go:WbZlVv3KYcdbfnbhmzAWp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b3e2fe43f3024cc479415e745cd9826752debe4e8b208e5e5b7cc510723b787d.exe

Files

2bd4145da31909b2dc0d423a626224a7.bin
.zip

Password: infected
b3e2fe43f3024cc479415e745cd9826752debe4e8b208e5e5b7cc510723b787d.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\press\AppData\Local\Temp\Report.A66214F7-6635-4084-8609-050NK772EXE\obj\Debug\stealc_cry.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ