b58f5c667e17dfc7676ab4ad6486d4b7[.]bin | Triage

Sharing

General

Target

b58f5c667e17dfc7676ab4ad6486d4b7.bin
Size

2.4MB
MD5

1a96e7de8f6e1bd097b679a76408d0aa
SHA1

f8a948fd82ac21f974c37e82a1eca57d05e5250c
SHA256

0a1fb54ad7b9366c9a754183ba0602bb75203db87227a75d85ac347d0c6b6818
SHA512

eb4a76d0c8d46dc24f43e6c060c447e3710d1194bd5fea23453acead5329fe0b453283e17e670baa7928cb9facfe25096ad098e88637b48f591cceb2e5e701c0
SSDEEP

49152:V+rIPlDyCejFx0hnhy736ZjWdH10YYPzMU4NrzMzqkvr6jVB7:VqAHhftWUP541IO9jVB7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/ca285d2b340f7cdc2b495675775d0769decadda571c3858201d9ee44298ede3e.exe

Files

b58f5c667e17dfc7676ab4ad6486d4b7.bin
.zip

Password: infected
ca285d2b340f7cdc2b495675775d0769decadda571c3858201d9ee44298ede3e.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ