61605e9d7527c40ba5f47cbfaabbfd7e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61605e9d7527c40ba5f47cbfaabbfd7e.bin
Size

27KB
MD5

d817f73e61262d2a08c89c3307722266
SHA1

4819961cd179fcdef8613442fe726073afaf14c6
SHA256

aff913e1401fb2d5085d6e4c73589f707146fc40c16b6b71970758194e6e489d
SHA512

441f446d2e5c5430d536f1e23939f2a83e4b206ad808f51305d13c7c15fe12a4baa5820bb3000de10102c54bbeaea4b7b8096af4b1fd1a987faf96d59cdf9319
SSDEEP

768:EWKJA1iSrMpTQ+LRqEAv+w/D9h2Wmr8MRYxvouTa0FSIg/I:Eb2iSGsOgZ2ehhSJuTaBW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/01cef038dc09c9f531980101c3130449d27dd22c5f9996c3c48ea78142f072c6.exe

Files

61605e9d7527c40ba5f47cbfaabbfd7e.bin
.zip

Password: infected
01cef038dc09c9f531980101c3130449d27dd22c5f9996c3c48ea78142f072c6.exe
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ