260373b0281173d7a116e4a54e361425[.]bin | Triage

Sharing

General

Target

260373b0281173d7a116e4a54e361425.bin
Size

4.1MB
MD5

528c3e4064b0fe6682b91473cde2ba55
SHA1

48d88fcdeac2f1cb0196f77e0fc6e36d85a4e702
SHA256

a17d0759547b0ea0584e773e1acddbb39a7b093702e10c83dd8bd7a52b0f2a50
SHA512

e98a07d09adcc46c128e57f4a1558df04ca3b4a9f9d457b316404ded8e11dbfc77b07ed097c335d0b6eeb8f08fef04ff339751dace859d18ee440796ab75bb2f
SSDEEP

98304:pRArF0+pxlYnRx+4E3rTfCh6BH7AlYXffm2minuP/CUqm82xAIj7wD:pRue2xlYnD+4m9ZMqXfLmis/C3F2xAOI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/36badaade40faa02d430c40eafd4a6bad3d0c3289c9435ddcf4930301f029755.exe

Files

260373b0281173d7a116e4a54e361425.bin
.zip

Password: infected
36badaade40faa02d430c40eafd4a6bad3d0c3289c9435ddcf4930301f029755.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\attat\source\repos\DotStealer-Builder (1.7) - NOT READY\DotStealer\DotStealer\obj\Release\net462\svchost.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ