39d6ec26690ffee2e74fb9694b30453c[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39d6ec26690ffee2e74fb9694b30453c.bin
Size

1.1MB
MD5

5608cd48259339a3e2dc7902505f0683
SHA1

cac9ab383f929c22eeba031d40ffb4f3275c63bc
SHA256

66d94d9f59e2c11afac04b48f7fe67f5c6ec9a02669d9928943f63170c60d922
SHA512

feb909bbaa77a8fa562043cccfe02f4283168831bcd23cb94e30023de01b6a821d06a0682f94010349bb1b3e76f3d2f9101c8e06ed3ace0d3445aee50173568c
SSDEEP

24576:8pB/1OeWiI4Nrg5pw83WFS2Fbf42rSmHZnNKI1:0BQSD9k3D29fMmH7Kg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4bf2d648bf901a9c4f26b43f85e26b6659e22657a3d308dea668de43fed2dfdb.exe

Files

39d6ec26690ffee2e74fb9694b30453c.bin
.zip

Password: infected
4bf2d648bf901a9c4f26b43f85e26b6659e22657a3d308dea668de43fed2dfdb.exe
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 174KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 920KB - Virtual size: 920KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE