13eb2bb3303156d695ecf3f2b2c09eb7[.]bin | Triage

Sharing

General

Target

13eb2bb3303156d695ecf3f2b2c09eb7.bin
Size

32KB
MD5

65302f026c4e710262f095e20595c27e
SHA1

5b196127d532113123d2de153f7b237fc75b359f
SHA256

2717732bd1b18153a65172c661ee28e5926c2b24c1e556cca701c9f3b6973bdb
SHA512

f9effdf775298e34f4ce94f8aec193e5dc04020f8d6a11f5c6b323cc3eb2de95503df5982f956bb0ff823b8ea145770894f5a5d1af5f7ba02092821ce009b13f
SSDEEP

768:KV8fPeKbCNzpSvTyb88hZS/2DAvBpps/Bt/Crq7JKQMdT:KV8fVUz0uw8C/2DoBpps/Bt8q7JKQQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8680e9ff0246c2b7cd4a45a9c6262851ce8d12e4638e48cb1baec267c2b6ea6b.exe

Files

13eb2bb3303156d695ecf3f2b2c09eb7.bin
.zip

Password: infected
8680e9ff0246c2b7cd4a45a9c6262851ce8d12e4638e48cb1baec267c2b6ea6b.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\danie\source\repos\Qwest\Qwest\obj\Debug\Qwest.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ