dd9c4e8460227266b5d380389e7d9ccc[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd9c4e8460227266b5d380389e7d9ccc.bin
Size

552KB
MD5

8702c30da00f7f34c90d2c122bb46acc
SHA1

56d5546a4fe3b0db06d2b2865d6be4ee547c3e75
SHA256

a11c21cc4b789e022cbb1176e91603f833d5dd9e452fb717e4f4279b589ae85d
SHA512

4c15b9a0838b676bfd954f9c7f4934fd96b722a79a65017991f70c8033d1da613ed792a7034bd26b5f49d900460ebf629d63689fc38da3da9b1377363833ec06
SSDEEP

12288:Vd8nK70rXLYAYBQMkmA9U88CM8BHN9198L3wpWyqTQE4wvd:/IKwP3FMkf+HyHVCbJyqT3j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/55979041c0dde9e724da45ec9d88c717a18b0fb414adc96fce5387ce9b6e772b.exe

Files

dd9c4e8460227266b5d380389e7d9ccc.bin
.zip

Password: infected
55979041c0dde9e724da45ec9d88c717a18b0fb414adc96fce5387ce9b6e772b.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 639KB - Virtual size: 638KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ