6489c2a2edb54bb6564df9cb218edf05[.]bin | Triage

Sharing

General

Target

6489c2a2edb54bb6564df9cb218edf05.bin
Size

541KB
MD5

c803663a880271193e2538411a19a362
SHA1

05623b108bdbc78f8b2099ed7913dd98c62288b4
SHA256

36d35f3f07fd6cd2d4b43ff938773c5a1125d5788d48bbebdddbde43cfd79a50
SHA512

c03eae537e50bfe3cb4a5b66908952ada402ab75fe48a82559d8eb9fddad5443d52303c3bfca71d0f4dcd648e758c1a05d778c365c158d7de21cce8acb2854f5
SSDEEP

12288:Kz0mVjLonNXKZhnElw0CQGTFViWq/ZPMlbvaQVgeVhGN0qyWZ:K3VjLonwrnEvcGZjQVgeVhmSWZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3af41da6cc3321fb4954e35e6f2f13ed7c2cc547f43eb1b9a2cfd4ed9d38c344.exe

Files

6489c2a2edb54bb6564df9cb218edf05.bin
.zip

Password: infected
3af41da6cc3321fb4954e35e6f2f13ed7c2cc547f43eb1b9a2cfd4ed9d38c344.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mOIs.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 552KB - Virtual size: 552KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ