81f6b6fe3201c3941bd49243c5896811[.]bin | Triage

Sharing

General

Target

81f6b6fe3201c3941bd49243c5896811.bin
Size

17.8MB
MD5

a6a0c8e5156d472a53ad6b530063b7c1
SHA1

8f4f4742e582a641d5c3c67e621faeea465de15b
SHA256

4b56d0417179ae596a8a85bc773f8c124b50d5186a6f13305c87c767b5f32b98
SHA512

e94752f8a724a16bd65633305ad8aec1ff4ca38e163f861b0eed9d644240a03bbb14a96b683d5f18c33dd301a45bc8832d3242181031252c4b58a6b68e560d20
SSDEEP

393216:EF/hF48uRByZm2wEZpMXuf8DsbTYcO8NXsi01:MZ28G+m8ZsL8NX2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/fa4f1c0b324654420f8758b8ab1d7e0db22f0eacbff0d2e14413ed904ca54aaf.exe

Files

81f6b6fe3201c3941bd49243c5896811.bin
.zip

Password: infected
fa4f1c0b324654420f8758b8ab1d7e0db22f0eacbff0d2e14413ed904ca54aaf.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\danie\Desktop\Vikings\Vikings\obj\Debug\Vikings.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 17.9MB - Virtual size: 17.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ