59bdfeadc9becdab96fe6110bd33ef9c[.]bin | Triage

Sharing

General

Target

59bdfeadc9becdab96fe6110bd33ef9c.bin
Size

940KB
MD5

97f943d31748f0b4c5db4475e0e9f09d
SHA1

4c64bfbb92804915562ea4db27f62076fd95688d
SHA256

5ac3619566ff131100970cb38317af15c0c67ee29582e2ad634c2f4b1a6e8103
SHA512

f3e6158d4a76ab76adc8e8c1732b0c76a879875ffdd47494e6d3c76b4d97f6a9d22c611bc76317636a50c8f0e480585967ba975fdc8c14c8054865e1540b54db
SSDEEP

24576:G9REOCnu9WFTixG+mM+Bn7Uu+4ZFXfRfCFOejhIK:GMHnfFTP+Kn7/PFJfSlb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d224dfde2a5b1d9d11cf216aadcc86cf33364aa44d8b76d8528d14183900e221.exe

Files

59bdfeadc9becdab96fe6110bd33ef9c.bin
.zip

Password: infected
d224dfde2a5b1d9d11cf216aadcc86cf33364aa44d8b76d8528d14183900e221.exe
.exe windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ