0acd5fdeb1332e99679f9c5403fd5dbe[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0acd5fdeb1332e99679f9c5403fd5dbe.bin
Size

732KB
MD5

776b0d5965a0cf8fee5c6fd587ec7d15
SHA1

72c2d5913e1eacfefdfa2d29723f1330eb9e9c31
SHA256

4a878437b8680c619136d2eb87ce66b1be7037353b6c9d24b8e87bbae2cfd102
SHA512

0f62154c61ef16b16598fcfc3392df7da9d2dc29fabb6d9569af0406e9e1b44e65a193d6a5607eebb886446bfa4e47f81171560c973a462236b36bbda4e70b85
SSDEEP

12288:jKVrxKC1NqKreQeC9M+D0TRzEDP9R4GzcVTefxmwIDRJlm5eS9PSJKcjcIAh:jWreQeCeSfaVCZD5AJODh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cc81be39adcb8ea105c75106084f7b6809014aede70b52fd7eb2f41d5c7c288c.bin

Files

0acd5fdeb1332e99679f9c5403fd5dbe.bin
.zip

Password: infected
cc81be39adcb8ea105c75106084f7b6809014aede70b52fd7eb2f41d5c7c288c.bin
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ