559f3cab0509194acf2da1d3ab633280[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

559f3cab0509194acf2da1d3ab633280.bin
Size

638KB
MD5

96676bd113d376bff0e8a9f0195a9c06
SHA1

81a7f17e1dbe4f92c0be687f19742f5d0d211256
SHA256

501b7fd01fa7f5a442b227fd9269da613eed4e688d6115edf441e3dcda1d39f1
SHA512

97af77ff86000c9b373433d46b138acee43c2fcf164d0426335a716e4c6a39ca3dff0bf91c366fa32286610af69c909b91f8af05169a4e61b8d4e74e8d71cec4
SSDEEP

12288:LYj9iZEzZ0ESUorGWUYOsAcPTuZF7YXKovrebU6gvolcl7sJRXr:LYjTN0tUorpAcbuncNrebU6gvUq7sTr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8058fdac57a403fa90c6b7d69567bbc0a829599a8e93543cc2e51f9177becb24.exe

Files

559f3cab0509194acf2da1d3ab633280.bin
.zip

Password: infected
8058fdac57a403fa90c6b7d69567bbc0a829599a8e93543cc2e51f9177becb24.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 645KB - Virtual size: 644KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ