1c9f3c0258e923c07e1943498c789a3d[.]bin | Triage

Sharing

General

Target

1c9f3c0258e923c07e1943498c789a3d.bin
Size

7.6MB
MD5

6c1542c1ba30e400028f36948a3f2942
SHA1

a38ffec1c23307666ce4c869575d4c5b2ef9a258
SHA256

4176c73349661244c48811502344a9dc75a8fad60c518bbee1e670a0d9d92c12
SHA512

e2f022a9e999da243a4f49424d4bc15f5a4498539eeda58fb0049908b2f789a07ec615e374e8d7a1c74bffd39ebe7f5c799a5dbd866e7075085e2c5095a915df
SSDEEP

196608:5AtDSCxUvjaYSsciUUipnKZMpZXhk4u6aJ+DPf5nlpTjMGH:5u+1auc9UigZQZXhkXQt3zH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/925329eac4d8dfc71dfd0d222e935b31fb340bbb70367c7abf6553d921b64e55.exe

Files

1c9f3c0258e923c07e1943498c789a3d.bin
.zip

Password: infected
925329eac4d8dfc71dfd0d222e935b31fb340bbb70367c7abf6553d921b64e55.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7.5MB - Virtual size: 7.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ