ac9c4228cb02b691494c6c5e0164c621[.]bin | Triage

Sharing

General

Target

ac9c4228cb02b691494c6c5e0164c621.bin
Size

651KB
MD5

0f66d527cb67a71b2f358b5116aa88fe
SHA1

05c1efb147b9d223f195168ed087a89aca6fc2a7
SHA256

922bd023a0ca27b08c13dcc108cc20bdcdd83990048e7a0210983316938b8ccb
SHA512

36978320a4d6525006d2e1a6477f52fa6ba3e04fb4b2379835e6698027058c3beaa890defe1cc6551ca75ddd431428337ac858d2220b8ef276819473c1f4a537
SSDEEP

12288:dMCUVCbYoLGk7hbDC83WW9lWrkjklnHXzHOMiE0ZFV/eXZLHP39lr+:adIyk7hrWVw61N0ZP/epLHPN8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/d77a164d8b30492de1b35ad59a1739780b8691ab5bcdaa63585b1e02127abe04.exe

Files

ac9c4228cb02b691494c6c5e0164c621.bin
.zip

Password: infected
d77a164d8b30492de1b35ad59a1739780b8691ab5bcdaa63585b1e02127abe04.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

tgey.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ