1bdbd5c1ab6fe548bdeeb09d39a4f695[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1bdbd5c1ab6fe548bdeeb09d39a4f695.bin
Size

1.7MB
MD5

7391ad8bfac1426b8d7d5a1d5e88c964
SHA1

0a6aec5153b0c093e49af45cbe1f403e8025d0a1
SHA256

b45149fc6a894c95251809e6dfb94cf0e9f7f09ab5fac904c1d2991d16a19a7f
SHA512

85f2396a6e4fc768a0a6df6e0f95c60e8745fab9d683031ceb10c559b8281e26ead60cfba891c8560dee6be6ad4669e1f1cbd65beabec900270c4b2dc3c1507a
SSDEEP

49152:vFT/H1HwbOluSDEWcLrLDQ+NwrrNLB8pNQE:zD8LrLDdirNLBENQE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cbd9fe54df365905b812f5fe8a1305fd98bd98f7fe92e426ef3c1d4c72d49f72.exe

Files

1bdbd5c1ab6fe548bdeeb09d39a4f695.bin
.zip

Password: infected
cbd9fe54df365905b812f5fe8a1305fd98bd98f7fe92e426ef3c1d4c72d49f72.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ