IdHx[.]bin[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

IdHx.bin.zip
Size

537KB
MD5

50eb8c3622840760a982e1103966a0e1
SHA1

f8220f1b9ac665b99acf7015426d2784f354e78b
SHA256

0dd82a565888c0c9d4eb6582ee9d0ab378bc265317ef2b12d30ce07c8106dadf
SHA512

d37a16a198f07e5d62fc2dcd2b8bc65e875584076d797e0dbcdb13afbf16dae6383a0a0ea3ea7e53c9469083f8a300f5eb4b8efcd71c1cb7d9fd70ccf9fb62f4
SSDEEP

12288:toDqGWN+/cnkqiaUQem+DFEsGktihfVUL1xzQX:SGGWNAFQD+hibEQX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/IdHx.bin

Files

IdHx.bin.zip
.zip

Password: infected
IdHx.bin
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 563KB - Virtual size: 562KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ