59d922ea8927648089227a1ffc5e700d[.]bin | Triage

Sharing

General

Target

59d922ea8927648089227a1ffc5e700d.bin
Size

590KB
MD5

340694c5b98ecc413fc9cfd61eb286de
SHA1

2dd782451102fec7dd4e0bbf058ff8d28bad290a
SHA256

ac09bb755ba44fe491ef0505d567a4b131a5e51c9d9129773f3d783547edfc98
SHA512

49abfa47aebef8be0030f0ef2a42a7a97d4639518f91ae27b05508b4f6a0739b5063672745b669b92a183ffd22e13d8fdd756f12a3d20d82a497bdc201b62f01
SSDEEP

12288:FRy0NmW+gxyCEcKw0ZKWScBA1l9F0ZZHj0aXJ+iQp6wLvgD:FpoWoCEcKw0ZK1MA1J0ZZHlXmW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/b98c25c9332c08071cdce0e2076000fc1c918b058af7bfd572724b1e86f8ecb5.exe

Files

59d922ea8927648089227a1ffc5e700d.bin
.zip

Password: infected
b98c25c9332c08071cdce0e2076000fc1c918b058af7bfd572724b1e86f8ecb5.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ