ed8b3713eb5e99e89d8c25e0cf1a1c9c[.]bin

General

Target

ed8b3713eb5e99e89d8c25e0cf1a1c9c.bin
Size

830KB
MD5

bf7762e3915c96478632f89211bc1e3e
SHA1

0db3d1918379111682c001c0b2fbdbbcb7a40cee
SHA256

25fd4cd243caf6ac3e7e66c7bd9f5ad3de94d52d4cec438ecd4f596429ddd0ae
SHA512

d6542e1758388551d8a8ef3cc64969a54bc31d24984d23af6094a68fc971629711f17658011df8b068deb389f041ae3d895fe9c0ae2dc26e44fc85220e4b76b0
SSDEEP

12288:o3dOeDGR21tSSiDZRAv4+h9fCeheSvb0dRaFPHs96men2/WpSRQRXkaoznY:1CF/iMvHbCehp0yFP+6menDAQqzY

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/RFQ 412.24 10.09.exe

ed8b3713eb5e99e89d8c25e0cf1a1c9c.bin
.zip

Password: infected
e29e2c1019428f23f92327c4608c6aa8038b39889432be5bb0c7ce96ba63bacb.unknown
.tar

Password: infected
RFQ 412.24 10.09.exe
.exe windows:4 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ