bbf6104b2b2953e63d98daf9c6fec2b1[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbf6104b2b2953e63d98daf9c6fec2b1.bin
Size

684KB
MD5

a8d33951df50219941cf9edf4ce6cc05
SHA1

7bb9ca9269aa47aad84e8a1c0622b17472c63190
SHA256

790a00a6592d2485c49c4e78ad50d92e9aea841ed51fb4540a9511f9a4717b5d
SHA512

23a0b6a9b0b0ad874967ac5482e021627a415c54460d7bebc566413b4dfd018f8d382bc9926eebcae06ea330f16f659cf08ba1d78f823c262671788a1b358719
SSDEEP

12288:YTEORUYGztDqtuYZqfqanVPzIdlusY5xVQLeR6W03nzDstKfNy7Q6:WE3qrZqVVyusY5wLeR67/hC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/605dc8045830795f0445770f524e12568592d9004296c17fe792f745dff1fab1.exe

Files

bbf6104b2b2953e63d98daf9c6fec2b1.bin
.zip

Password: infected
605dc8045830795f0445770f524e12568592d9004296c17fe792f745dff1fab1.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 783KB - Virtual size: 783KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ