4b0481822a305ed0953842f5b3a3806d[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b0481822a305ed0953842f5b3a3806d.bin
Size

427KB
MD5

418c8eec598a474f442b2dcc749c74a1
SHA1

039457aad13e43cb497a3612346ef417f8f5df51
SHA256

8580150d4d9be4cbd17ff874222a808c5510fd5e0220c0d4fc4a80ef308e67fb
SHA512

1ba6682477939872cda0364af8cdaa137f94922b666a1f85fe10aaa762c2da864171d5cc9ea549b18394aafc896fc50aa252f9ee5e55ae13133a55704ae733e4
SSDEEP

12288:U+EbFGCVb4oPuwLiS+emGUwizlGaoT4TMO5Kze/kU:U+EZhbFPd+/nwiXx1Qzuf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b91b54efd84fa64888501a28e5f1559af5fa96537ea73c77a415a201de407aa8.exe

Files

4b0481822a305ed0953842f5b3a3806d.bin
.zip

Password: infected
b91b54efd84fa64888501a28e5f1559af5fa96537ea73c77a415a201de407aa8.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 628KB - Virtual size: 627KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ