dfac226bccfef789dc0d18e6d39d646e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfac226bccfef789dc0d18e6d39d646e.bin
Size

229KB
MD5

23249ece94797fa57305d84c7fa4cd37
SHA1

c2ec10d8380d1714f44668cbaec94ca0d6b812b5
SHA256

b34b7314d976f82fec3959fb10fadd5a8e39892dbb79a745ef5c82f00b618804
SHA512

56991e42b2c8690b256294847926edce39d1c3bf38fc1a3a19b6833f852535191417b230a051200030821a36fbd7fb225332757c4ce122fdadf1c33d24c7d8fc
SSDEEP

3072:+iWc8VeV3re+gQ7VJciNaqmoPRB4WKQQ8L3/JGEWWXey3vdeaTyIFDgrAqlwhDD6:+ir3re+pPciopwv4WKD8LXWgvmIsAqIq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/02922fa6b12ab0139dfa5f9253c26ad9691745d405e4f0c257b41a71fd75b3b1.exe

Files

dfac226bccfef789dc0d18e6d39d646e.bin
.zip

Password: infected
02922fa6b12ab0139dfa5f9253c26ad9691745d405e4f0c257b41a71fd75b3b1.exe
.exe windows:4 windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ