cff39149d540e851536383f64d5f5568[.]bin | Triage

Sharing

General

Target

cff39149d540e851536383f64d5f5568.bin
Size

488KB
MD5

6e1019a31aad52ab251d55e4809a2d16
SHA1

5d0fee4c10db01af52a15bf69c322b21efd2e02e
SHA256

90fdf55b14e521049fce00f26fe2a9ef8880f41862c6dbec38d275189797c501
SHA512

6375502e1f3d72cc0d9f5f3a563e0d5bb26fcfbb54b54f3e4397df81c58fe5f749c996cb90355b1836d3a24dd9c03ba1cbcca4be20ed1c89c7ab90f5a860c978
SSDEEP

6144:5oPtacUzfLHD49jg/dHuLl+uEWVC7l4HvYS2j6StIXwLhXYhy/yjRWhAMqEyIO+h:5X7Eanu0OHwSS6S4wVWEhI0TXqR9bg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/795af0703ab2ab7cfcfcc38449e7da1a20967be437e5877ee27da317b3991357.exe

Files

cff39149d540e851536383f64d5f5568.bin
.zip

Password: infected
795af0703ab2ab7cfcfcc38449e7da1a20967be437e5877ee27da317b3991357.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Eusz.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 506KB - Virtual size: 505KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ