540d3bc5982322843934504ad584f370[.]bin | Triage

Sharing

General

Target

540d3bc5982322843934504ad584f370.bin
Size

2.3MB
MD5

843f9984e565d50bae2b94b494f6783d
SHA1

ea92f50d77d5794fa83d687c1d8a92f3a2b5b965
SHA256

5b018658021a87dcb547bce89d0bd3365b0699ab8c95fc628b1927a821dd2aef
SHA512

8cf665cb6f58f6699857ccb401f2a0da1bbaae7267032a4256fa2c23b81a267bd2c5eaf362115875bc51df7f59efde95335640d0ad12ee2e9a0a39a642d13171
SSDEEP

49152:sGLErVEOM8Zn01CDVzdiVbebaQgYZoGBQUAifw2MSDtzftnX1:2r501YBiSaQrZoGxAifDM0xf1F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6b0a2617bdea47c4a673c02ebde8ffa709d4526cfdff9cf7f8502afc10da390a.dll

Files

540d3bc5982322843934504ad584f370.bin
.zip

Password: infected
6b0a2617bdea47c4a673c02ebde8ffa709d4526cfdff9cf7f8502afc10da390a.dll
.dll windows x86

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 804B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ