bfd92dedefe429205a635a38096429a2[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfd92dedefe429205a635a38096429a2.bin
Size

210KB
MD5

f0fbd7591ad4ac428cbb102b2391dfb1
SHA1

1106b0bc8bb545224ef040acc8ffef7f4f68f160
SHA256

f1adee9c3e4afc9e8b7c4cdd99d3027d6923dc3a67b08bf6eb7bbdfd515bc6ab
SHA512

329c5464ba2aa5ee6429635aa5edb80624ef188db6d36b57fb2419812175472ba178b6a85be3d61bd9d5d07e46128233ccef9d898839cbd806a2dd40f225205f
SSDEEP

3072:FuPWQug13X8Skebak73IR9+jTEA6/WGfLxAsDirUy:FuPWQHX8SBa03kMTEAGWGTxARUy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ce0ae1416a4841144e8a377eed2a11fef988b08042606bac8121b4a4abd5391e.exe

Files

bfd92dedefe429205a635a38096429a2.bin
.zip

Password: infected
ce0ae1416a4841144e8a377eed2a11fef988b08042606bac8121b4a4abd5391e.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Administrator\Desktop\dev\BrowserGhost\obj\Release\BrowserGhost.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 484KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ