d1bfe5dced7785f6ed04ecea70874680[.]bin | Triage

Sharing

General

Target

d1bfe5dced7785f6ed04ecea70874680.bin
Size

1.0MB
MD5

2d3f929340667659c2ab820b100855f3
SHA1

6488efcce1725cb246bb3e7740a25062c69ab1cf
SHA256

fc951d317207c3645bd31be1b7fa508fc95d878c2de11a51a864d885dcec6ea2
SHA512

9a6e0f477c88b83dbabf59d2e638b22c01f1c5762395f5bee9686c2e6e3ccad886aeb935aac0e7437af3f56e5862ea4d34db07f3999c24d2e667c07c71ac9da2
SSDEEP

24576:sq2jzPH+K2ZorKFRdbXWTr1IBikDRPaKG6bsdccZ7LimDBdXXrZwjr5lHU5:sqarH+3ormRpXWv1IsIRPZG6b07Ww7rl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/6e3cf5c7cccc4369fbed86c4de5bb59d7bb40c1ced10cab8b0bc733299d45ea1.exe

Files

d1bfe5dced7785f6ed04ecea70874680.bin
.zip

Password: infected
6e3cf5c7cccc4369fbed86c4de5bb59d7bb40c1ced10cab8b0bc733299d45ea1.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ