171194d42cf2664a2e97134ff4256ebe[.]bin

General

Target

171194d42cf2664a2e97134ff4256ebe.bin
Size

895KB
MD5

cc9f1ab32191b8fe676b51a1ba55ddf8
SHA1

eb6fabcee6a9155811f755a029e7a63767aaca98
SHA256

940a2239cb96f1eb81f16dec7d931f22e8c7ddeed3c69a2ae3fdb1faed5b2006
SHA512

e554627ac9311f7c3db5aee909bfdc2442ecde873317435ae55034893edc1e21d31aaea7ef62c7b6ab3f38e322b1319617e69f3e7177736f1c54e85eb614e39f
SSDEEP

24576:iiNfmxQujTFpLq8omyFIflABVGi9CY2iVSoBhp:zNfmuujTFpm8BPflMVJ9JN

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack002/UPS_CBIJ90511770131.exe

171194d42cf2664a2e97134ff4256ebe.bin
.zip

Password: infected
1cbb5545584352a663a85cab6ec8088f8ce523a9ad6f70c070c7a3258c2db458.gz
.gz

Password: infected
UPS_CBIJ90511770131.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 950KB - Virtual size: 949KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ