c1f65bd22fd1d64bb17f15640d8503bf[.]bin[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1f65bd22fd1d64bb17f15640d8503bf.bin.bin
Size

517KB
MD5

db57ee49ed9b55c8523e09e46d2a8ba8
SHA1

8598a88837c8249f48330fb0724b131563eda66d
SHA256

af9eb1cf7c80c71ccc5f2b4ec575ec17d272ec71ec16a7ebcb2853b749df08bf
SHA512

1d76f47a83fff982108dda892664e57b524966315767c10e9a2a162f0bbdc1c042fec37f16b45fde912374136b48041d4c02988debd20d935fcca010695a58a4
SSDEEP

12288:69xnVM7lWlXDu3LLCLz57ehqQdgMwqoijI3kWP+iEJP7:69x67loTu3fC4Sqois3kWWzJz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3bbf384ec47b9815f8d0d10033819bba7f7b301c389b3b766bd655e145757e5f.exe

Files

c1f65bd22fd1d64bb17f15640d8503bf.bin.bin
.zip

Password: infected
3bbf384ec47b9815f8d0d10033819bba7f7b301c389b3b766bd655e145757e5f.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 681KB - Virtual size: 681KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ