cf11d3a64d8ea9fd79db10cc83d71179[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf11d3a64d8ea9fd79db10cc83d71179.bin
Size

823KB
MD5

143438da2433c380cdb5461afb79f110
SHA1

76986664b3df69344687cadc0aa49640835a6ea2
SHA256

5b88498df58dc1ee2e0e12003f647eca9cd098ef135da17fe0d41414323ef8d2
SHA512

b9870e5c033d8f9550c13f295dae63e7cf9cb2383c76d3995fca3ac2adab9891778cc86b3f007f7e0b4fcf17085c3d8d2ceff8551623c0eac2efec7e735b1e67
SSDEEP

12288:Grx/Y0S0meD+XMhy2a2l8p4NgRRz7jJovZISQ+RLwwTMVewX83yGYUVHn9Axs13L:OlbkOhaMY4NgRYvZakJT1wAyG9HnhJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f8aa3880202328a119071117878db0c3b5dc03a5cae3cb16e00cd2353598a913.exe

Files

cf11d3a64d8ea9fd79db10cc83d71179.bin
.zip

Password: infected
f8aa3880202328a119071117878db0c3b5dc03a5cae3cb16e00cd2353598a913.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ