ff3b117608241bb04e4391c7e10d6cec[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff3b117608241bb04e4391c7e10d6cec.bin
Size

9.2MB
MD5

2016454272e7170f4c5e86da271587ad
SHA1

6c77fb08f011b1ba696d0bd674e59dbe575f8591
SHA256

fc9ce52df68a130f4d2092f7001cbe181388ffbfbca546ba7be6338efcd09373
SHA512

6818af017f3e59faf276d02521aa52a08ed2224ab1cb9a0503978953c45d9abb540e9086101f1c5b4b32853bb20fb0d51a609854a8de5499a48a97640e56d74b
SSDEEP

196608:INKCSt4qMgkNEWULzUbszwL23YnRryNB2FVl5OW7Vv3:T6fNdULzU2wawHD5Xp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b9227d7e4f23ca2c3b3e9bebe46f29ed955fe331d6b14affd796c66783a0931f.bin

Files

ff3b117608241bb04e4391c7e10d6cec.bin
.zip

Password: infected
b9227d7e4f23ca2c3b3e9bebe46f29ed955fe331d6b14affd796c66783a0931f.bin
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21.7MB - Virtual size: 21.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ