edcce91324050def7e045bb06be5e0e2[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

edcce91324050def7e045bb06be5e0e2.bin
Size

666KB
MD5

1aab806bc3ac3f2f180d418e75519293
SHA1

ad6ec863b56d8a9d5e561fddd72745ce38c5d702
SHA256

a55316dacde7382dff963121e33c702ee75e72d02f80361902ec71690398bbf4
SHA512

f36ab5876bbe165554001f7a54c6236056023b8b93f0ec95d52ca7e0a8a50d4473f55f36243fe7907b2ffa4faf3f6746dcc2fac0b0b5590a5e2a8253e9d14ce8
SSDEEP

12288:lfOa2VRafITOlk8EogFM6IaJmzYWYgO6vJTTi4QGKRTEg2tQA+nmLt8secMJ7wlu:lfOtgfb+9L+6IaJ9EThi4Qd4g2FZ7ecC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e0c7a974ee35a0e9410cee3e9bf9e0f6d265e14064449db9e288da4d92e7b447.exe

Files

edcce91324050def7e045bb06be5e0e2.bin
.zip

Password: infected
e0c7a974ee35a0e9410cee3e9bf9e0f6d265e14064449db9e288da4d92e7b447.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

zhkg.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 710KB - Virtual size: 710KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ