2cb5798ff00115e6cdbf7df025b895e2[.]bin | Triage

Sharing

General

Target

2cb5798ff00115e6cdbf7df025b895e2.bin
Size

658KB
MD5

2274e8dc21463715df1cfebe24795f32
SHA1

2cdd3b76270354ccd25046cf17f3803dcb4c6fef
SHA256

68739a6e355818f30aa33ff4298fb03d2258740ef781d814931c9d717b0c919d
SHA512

43c8c57c378a30de2f60d290e44fe4eaa09facee52aa231973956f9a2f09ea1b7e1622948365735311f6d854a9f858c0218519c3e70a1119b3090449a8533e0c
SSDEEP

12288:8/3XJ6kOSnNCgjJGycyC8nPhoSzuGaUegkN/PjllpRzzcmCGSFwiYNlssWRAg:UnJ6Sn6yphjxleg6TlaVGozWltWRt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/7979152e69f12c78be2dae9d8633320c74038f69ae8a2b3c96c70df8a2e2c61b.exe

Files

2cb5798ff00115e6cdbf7df025b895e2.bin
.zip

Password: infected
7979152e69f12c78be2dae9d8633320c74038f69ae8a2b3c96c70df8a2e2c61b.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 766KB - Virtual size: 765KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ