17d116c9cad012594b8dc6b9d7ee4fc6[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17d116c9cad012594b8dc6b9d7ee4fc6.bin
Size

529KB
MD5

1e6e86211cf52a451af14502349daece
SHA1

a5cc9c5257966fecf261e8eaaa9a716bd75c2c57
SHA256

b5dd82a29c2c84d53dd014aff5985470f8a1df501c62b208f2a976b37cb72060
SHA512

014d406f4845c5ff7e1973f8b5ecb3bef8e4bce47921212c3cda5aeec56d56d456ec3c9630626dc8d004188c48dd4d94f45a321e2ce083a1f73584beb21485b8
SSDEEP

12288:UEHECPKkOkSB/80d606aLGYJi3xcfDgGF5BlsU08TsIqV7Ere+gSsn:UtyK8S1fN6mTIBcfDL5/w8TsndEPb4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2f545a7da6e843f42aaf2ee4a32c18247de0193acee11b6cfc2f7ca74ff9ab66.exe

Files

17d116c9cad012594b8dc6b9d7ee4fc6.bin
.zip

Password: infected
2f545a7da6e843f42aaf2ee4a32c18247de0193acee11b6cfc2f7ca74ff9ab66.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 926KB - Virtual size: 925KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ