cec816960188a34222c09dc73bf6d863[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cec816960188a34222c09dc73bf6d863.bin
Size

294KB
MD5

a013febca69a6f4338c0f07778b58cb0
SHA1

6424ecc4d8a9f25c9d8cf7dd65c8da1018f897a8
SHA256

4b2ddc39ee9145a3e0b80132e77e7bb4bded6cb29e98c6d437ed6445ab8b7423
SHA512

8ef1afd606d5485bb549c82973fe907a52a5392a063ca1cb4186d7c0334a9d906722094dee01ec7e73e78d6ec3c2d0ca653c47631b6cd0451bcf85e1dd947bca
SSDEEP

6144:biNnb3dSq+RFThYTYdtUhQhWoDq/g4Dl6j60rr7nGEXIaC8hG0oPaeL79:bCgzbN0YwhQh0XO60rrKE4a9XoD9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/05b0abfcd182e11dd4cab4c7b830edbd92f8001fbe7ed91876acdd5c49904a2c.exe

Files

cec816960188a34222c09dc73bf6d863.bin
.zip

Password: infected
05b0abfcd182e11dd4cab4c7b830edbd92f8001fbe7ed91876acdd5c49904a2c.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ