5bdedf806e54c19d7a43cb6b07ecfa8d[.]bin | Triage

Sharing

General

Target

5bdedf806e54c19d7a43cb6b07ecfa8d.bin
Size

2.1MB
MD5

485058cd49286a3dd9bcc7f89afafada
SHA1

4a75776366009a037fb09af47b94b10d37a39075
SHA256

aae49d76a321b47b9be7c9a34a47c47ebebe0418dff4c557c3d0ed0f6b57edfd
SHA512

bb367bfb010a9a7013de89d0e83754ceb8e9f8ac8976f2307e3ee08cbcd07938e6e7afc68ba288bbc5031092ba8e93058c853e319f2d943bd397a4bb5d0d53b7
SSDEEP

49152:jvYIKT5fvzh5Iyh7PugmKXfTsU1zAUdBHReYKa/32WM3:jrKT5XHhrEKXfQozBdIRav2WM3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/0fcdc79a162043d182a461fb538be45fd27b6d7b9bda489bedc1d51730adc0c6.exe

Files

5bdedf806e54c19d7a43cb6b07ecfa8d.bin
.zip

Password: infected
0fcdc79a162043d182a461fb538be45fd27b6d7b9bda489bedc1d51730adc0c6.exe
.exe windows:6 windows x64 arch:x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 259KB - Virtual size: 10.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 179B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ