ddfffbdbb97818dc43696266e7a1335d[.]bin | Triage

Sharing

General

Target

ddfffbdbb97818dc43696266e7a1335d.bin
Size

1.0MB
MD5

756a50e7c1001f72d0f71bff9a916ab7
SHA1

93ffcbd03968bf25c633f282abfb8f8f4ca83f3e
SHA256

fb44e416f489b6c613fcf97ffa0c88ef2d0362e82a7086e8d6e74580395af3aa
SHA512

5e0d4ddae6cb8a3a06bcdb0f66a80ae3387cb9e15e3b74706a2a1363ad5dd06c3c40bbca6ced5dfbd7bcd39fa805ac1d4de718a5941fda452d8bc38523fc97d2
SSDEEP

24576:h+P9VVNOig5xvLx3UHEGXXtvj+vaRBqc/aWgH4qrAbOYvLlB+tgpiBWD:ho9PNOv5xvLx3UH3Xhj+iq450sOYv3+A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/9835cb6480d111d78bcf0d9ca844c6d38de132d2852788fbf59206262262aa19.exe

Files

ddfffbdbb97818dc43696266e7a1335d.bin
.zip

Password: infected
9835cb6480d111d78bcf0d9ca844c6d38de132d2852788fbf59206262262aa19.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ