b8aa70ed9243f5aa9c8dd45e8b6c01e7[.]bin | Triage

Sharing

General

Target

b8aa70ed9243f5aa9c8dd45e8b6c01e7.bin
Size

1.5MB
MD5

188373840e2cb43b1486c6aec39ee60e
SHA1

a190e2d347a614399d55f094b0dd32b23dcadd31
SHA256

a9882acc4bcbacd5fcdb2cc0f62137ddb536abe12b98176e62f7e5108690cb2a
SHA512

1a757dbb85bc42e0b6d5230aa77f6fbd93b5bb20ab256ccf719ac9e680685838d61ef45d9abcf6a3e5793d83ac3d73ec1546426f4590a8a9a2d03aec90e7aaf3
SSDEEP

24576:8pX+kTVFSPDtyx6CXPwcuO8wOqwhhIL26De7tTJVAlbep7Zy0ewp5aUEN:C+kTHE+X9iXqwhqLq7h/26plZ7pwH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4ceb69afc05b1475459075f2cd5688f6aa8fe6a9ff6cae0a25d742b650c62351.exe

Files

b8aa70ed9243f5aa9c8dd45e8b6c01e7.bin
.zip

Password: infected
4ceb69afc05b1475459075f2cd5688f6aa8fe6a9ff6cae0a25d742b650c62351.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ