cf28ccf54f1bd2a9c8d57caff3e744d5[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf28ccf54f1bd2a9c8d57caff3e744d5.bin
Size

644KB
MD5

55b87376bcfc96728166212d6e9f5eb0
SHA1

826a8335d580c16d061c0e4f605532676d6b390d
SHA256

5121be12640fa0a5973746d33c9c0f54ba1363213035dc22676fe60da71357d7
SHA512

2e1eef37d7c16bc6de906281e975572c0acbdf42e44d23a22ab83fee3adf5cb28cb87b7e684e1f66cf6bc4de92db9b1b562821521ab4c5e200d3d0fb45149f29
SSDEEP

12288:vj4Hni6P+3gPNukoyuogPmBHz2pGstuCrCLFvqyOsg3U8M+kQ9gC+3f1JXLxXv8:vj4Hi6skoyuDySpGstuCrCBvqyO33U85

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d6ac0eeecda07bab17a4dde0ed70aae89398fd8a85c5cfc419b3e548711f43d0.exe

Files

cf28ccf54f1bd2a9c8d57caff3e744d5.bin
.zip

Password: infected
d6ac0eeecda07bab17a4dde0ed70aae89398fd8a85c5cfc419b3e548711f43d0.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 670KB - Virtual size: 668KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ