d165540c81717a55a387fb95522f4c70[.]bin | Triage

Sharing

General

Target

d165540c81717a55a387fb95522f4c70.bin
Size

635KB
MD5

10da37153353495bec5c239fcc71dc51
SHA1

3564c3419b0a48ff26de00b6e850b3bdf0ea17cb
SHA256

b101d8b6f3c338d800d18067b898f1987d3af899e258a8bc1c48a8b8ce0007b4
SHA512

99d7a88c7e88117192a69d05ff8eeac1f1ac5fdac9c157cdcac55c6132600e943c02126e58633edc2c6efc859d574c067ae0698bb244cd4423f642cd819a3927
SSDEEP

12288:WUQDCjnn8/vQm/e7W5Akwx9lo/exlGD1gdOiHRBtV4J4g7Hvx+lxn:WRWjnn8/vxcIwpoWqD1gdOixrVcPx+l1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/e1302a180a4b617dbec5f4ab8c7e58492fc32af989f32fb8cdb4db5d9fe62e4e.exe

Files

d165540c81717a55a387fb95522f4c70.bin
.zip

Password: infected
e1302a180a4b617dbec5f4ab8c7e58492fc32af989f32fb8cdb4db5d9fe62e4e.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

WSZO.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 657KB - Virtual size: 657KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ