0551dcf55adc23a07d56580729730d50[.]bin | Triage

Sharing

General

Target

0551dcf55adc23a07d56580729730d50.bin
Size

193KB
MD5

457d81a8e8406b222d763aa91f2f34b3
SHA1

089ff1f5f7a8ee3ec741b0137002e7b5951bc0a8
SHA256

5d90f816922a775af1e53bd81f95caba14df600fca8203f1c90e000939952383
SHA512

9c7ee93ab5c001ddc3c9f2a50b9a89cbf5f9ec9cc056d588e98e7794127c93583cdb2e9e2bbe84d7b8cca565345d4efff6d0f9656639017eeae209edc0bb91cf
SSDEEP

3072:sCd9IOoMDU5JdYfpZbo79D6iiX/GPliiVHzdwgLo/tJFHBjag2ZnWcE2UVZCr:nccg/UO9D6iGifwgLYR2kgUar

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/1cc823962da2fa7a4d6fee8335ce8d92c6b44be627803cba85a1bdb8184da1d9.exe

Files

0551dcf55adc23a07d56580729730d50.bin
.zip

Password: infected
1cc823962da2fa7a4d6fee8335ce8d92c6b44be627803cba85a1bdb8184da1d9.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ