113835dd31fad6c8639724879be38053[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

113835dd31fad6c8639724879be38053.bin
Size

650KB
MD5

6127fd50a6cc37ac3c6ce575b32917f1
SHA1

3857571b0d22ba8bc539d9d56653f58650183185
SHA256

f9c2a0bd12defbbc739e2e5d9d7083bed8c07679933895d97fbd99153517cab1
SHA512

a6fee1e0101778bd3ecedbf8aa5945a033002390aefc783288e047a4aa9f981856f0c0072b9b844286caf3bb5583677044cf72477f6c745e75551348814737ad
SSDEEP

12288:8f7F7oSW9JWtoDUIUuJaISIkFQmxhYMstA7wz/q6atr6IfQo9VoHgb7XII8:8Th69muJaE/0lstA7wr+60VHzU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8c255ded1340d62d0b2edb007b6f9880007ee07e806c0ac176ce845a28ff9141.exe

Files

113835dd31fad6c8639724879be38053.bin
.zip

Password: infected
8c255ded1340d62d0b2edb007b6f9880007ee07e806c0ac176ce845a28ff9141.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

LyiE.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 679KB - Virtual size: 678KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ