dd73709f2f213c8f63b74d05e37132b5[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd73709f2f213c8f63b74d05e37132b5.bin
Size

640KB
MD5

44b6e769c4aeadefa7c8555392407c8b
SHA1

5f514e49783eb2b095878e0c149224a6559fbe90
SHA256

a3cc56deaf8dcd3fcee8e4e2e173770ecbe4351e88bf14ae94aaf5876673fdf8
SHA512

e0b11439cf9e9148b1290420f061f1249f708024a4c82694ab0da8ed6a2623099c1a8ce7d690695cf29fcc62e7dafcfde18b2e74b5b6f4c1493c4c587fd002b7
SSDEEP

12288:+L97rXjYZL3kxfTQnXNF+ranH9s1tupidLUax75EWv1u9M47:+x7IZzkMb++yesrx75vvo9B7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4ab10d5cd36b812cebe488d54250014cf4b363a61fcd3a32b318a19b2d774d7e.exe

Files

dd73709f2f213c8f63b74d05e37132b5.bin
.zip

Password: infected
4ab10d5cd36b812cebe488d54250014cf4b363a61fcd3a32b318a19b2d774d7e.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 891KB - Virtual size: 891KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ