ff8252c670f91627fbba522902f3ac1c[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff8252c670f91627fbba522902f3ac1c.bin
Size

303KB
MD5

da250097f495bf9bc4c8e3a626bd118a
SHA1

14982019efe27be36350d7e166a1abb688e48399
SHA256

769edc6af76da44c88dca5321cd45d061c60e7ba59cfb6abb80f1bb3789cff39
SHA512

e065d36033da462d9415f63dfc28af7c750dbdb8f2dc1dd004b1329bbc57d5d755efbc4a22a38756c404bc9a1cbe4f4a49e6974054849a7ade500d7f6add5012
SSDEEP

6144:0KGngAX0aJ+8evkVghAgTNiJA8MOm2y4CygQhGojUJT+hwN+4UBGpGZ9NurJ:0KegcJ+GVghAgTNi4A/CyfGRJqhQ+Vol

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c7b56c37ae4ad97175e4194210c60962ffebe02194088c71a912b173f1f3e2ba.exe

Files

ff8252c670f91627fbba522902f3ac1c.bin
.zip

Password: infected
c7b56c37ae4ad97175e4194210c60962ffebe02194088c71a912b173f1f3e2ba.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 635KB - Virtual size: 634KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ