458d13e193d1def40ff8862d04ee3839[.]bin | Triage

Sharing

General

Target

458d13e193d1def40ff8862d04ee3839.bin
Size

630KB
MD5

0bca7593329ce6b529a3b71ae76645e1
SHA1

bcd522f22c70915f219f0742de1e7e6da8efcbc0
SHA256

c946c6ece983be6b90130622fcbeb0e1f89052fafb2e609cd258da609cc8e8fd
SHA512

bdaebab549681adbb746df0ba88c8cec33c450a15294d151ca93dab4f456bc18378647d679c8a703622b052aa0584270b31e31d0f89e60c3a8c3eeda8c59c25f
SSDEEP

12288:xQl5dLpieFN7z4K3kJM9slNe6cZaxdlPqcQlJNcA8Bylng6He:Kp/zHoC9Ue6ckxdlyp5yUgme

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/ddc5d1c80b07a16ba4a2d8d289dcfccaa1c2f25a525d96f223be8c8eedf9e9e6.exe

Files

458d13e193d1def40ff8862d04ee3839.bin
.zip

Password: infected
ddc5d1c80b07a16ba4a2d8d289dcfccaa1c2f25a525d96f223be8c8eedf9e9e6.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 672KB - Virtual size: 671KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ