d8daf5dd7816250aa778a6f83f073d69[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d8daf5dd7816250aa778a6f83f073d69.bin
Size

568KB
MD5

304254ae3098b654f1c9c711faef76f8
SHA1

ab83fa3517ab072e56f515fcd54cc708272e66ca
SHA256

eb7f21e6a5c6f9c6ec04f5e72f58a6a02f5e4dd482a45332ed99e6cfc2a3718f
SHA512

d963f11636607bce556e03866a031aaa42e587ecb2fdfe2d5e3f5a95d81d54917801c15dfc1c79ee0270ba95cc7d6470906b3c338d25dc721485e46b943670e2
SSDEEP

12288:jnUx3q+Y9rMkzm8lW8nBsdKjoFAmGSwlALV/YlXrJ2ZVu:jn6Ydc8Bi+oFAmlwKLurIVu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3d42be817eb0a150a642713d3234847e943dce60e98a3e9722d9fa01d5c880c4.exe

Files

d8daf5dd7816250aa778a6f83f073d69.bin
.zip

Password: infected
3d42be817eb0a150a642713d3234847e943dce60e98a3e9722d9fa01d5c880c4.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ivyb.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 607KB - Virtual size: 607KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ