dd7982876bbf22b96050a3ccb0e7919d[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd7982876bbf22b96050a3ccb0e7919d.bin
Size

593KB
MD5

48570c8293010d40e5e1df2338337b0e
SHA1

db019fecf988b3858d49b69f403e8e0c2b6b5ccc
SHA256

8404786e0c6327765a9ec3d6bf8721c9156a2a03565cf6be297ffbbea5fcb89b
SHA512

fb297a455c4ab86b1b4af90b93872a158c46d35bfdca0081ed1f14c1bd82282840b936c71a62f1f660829c403afcf78ac57a99275391fd2b8a5c69af777fc854
SSDEEP

12288:yn00BNJ6Xesdh4VMq2jberOsMDESzf6aVeloW/lIoR:yn00BNuXuVh2H+MDEDHHR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fc72fd6a4fdc1440d122d98d90279ff898193f68a63180da90eb5ec2495062d1.exe

Files

dd7982876bbf22b96050a3ccb0e7919d.bin
.zip

Password: infected
fc72fd6a4fdc1440d122d98d90279ff898193f68a63180da90eb5ec2495062d1.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 620KB - Virtual size: 620KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ