cf89a03d499a9da3518a943bdaaf3f9a[.]bin | Triage

Sharing

General

Target

cf89a03d499a9da3518a943bdaaf3f9a.bin
Size

442KB
MD5

549fc6e30c8196c835566875e88099e9
SHA1

ee2e914f73b78ccb7f5b7618826be3e6c903342d
SHA256

ee17941713be610733db7fe7fe5fae7bf2bcc3cc5dc5b9bba593c6d624dd631e
SHA512

08cc94f88ea30a7bb3b6ae96bf2191bfd3ddecd9631162e68282da3ee52156601fe66ed5fe51d1649e7bbddb0ea340b469e098b1e06c9360063ec48fdeb45c0e
SSDEEP

12288:m4AeEHXZyC0XF28yzXomWiDoL3GMGJwSadrXww9e:Z7EHXwYbXlsGNJdadrXG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/8c366bddcc19d07924b953259274f43f30c9a70f726c70420f8a01e07a209734.exe

Files

cf89a03d499a9da3518a943bdaaf3f9a.bin
.zip

Password: infected
8c366bddcc19d07924b953259274f43f30c9a70f726c70420f8a01e07a209734.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ