b682c7f3af8fe06dde9c39b69285f40e[.]bin | Triage

Sharing

General

Target

b682c7f3af8fe06dde9c39b69285f40e.bin
Size

700KB
MD5

a75f9aa8d02e73a31e30f412c1a23b3a
SHA1

dceaacf6dc704c10df3c7239f93a54bdef81eaa7
SHA256

3a9f7b007f980e0946245acd471d5150ad78fc0e99b62850f86bf71dc835dd28
SHA512

3f16060899450edd43ea889e99f88bf4277115c09ead92e0ecf060caad0035503a98e44a34174396db09b00b7335110bbfc6a78990d005bd478ce67353261007
SSDEEP

12288:Zm8ri2zYnhKwcfimF7bwF+uvY6X8EBX4biygdRuIjCFr2HR0+Jx6yra0oivRt3/9:ZZdYhvs1bwF+4X9XCiygdkAC4He+Jx5R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6cbc49697233b127a41c25aeae4ac2ab7a1c014c2fcef7ed7ada22269b94aebb.exe

Files

b682c7f3af8fe06dde9c39b69285f40e.bin
.zip

Password: infected
6cbc49697233b127a41c25aeae4ac2ab7a1c014c2fcef7ed7ada22269b94aebb.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

HPgo.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 766KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ