3d6f64ac2da2d4a6efaa052ffdc0e42e[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d6f64ac2da2d4a6efaa052ffdc0e42e.bin
Size

607KB
MD5

a88c2e19754132d7579fde6cf8ac8f29
SHA1

c816186e7efc16369e7b3e2958514aa269cd5798
SHA256

fd195431461ea816848c765a64b26c396f6b31df26d91581cd683b825840644c
SHA512

dbb3549b019567aff05561d2c5ebdbb4669014789fd7e963a81c9ef6ae2ba196a90f1809970bc81e54dd4ef9935cd8a040757ca95a795f6d4017cad7b36f780f
SSDEEP

12288:jLSgd749SK70p9v/6Piz/9Rn0DEYWis+X5oP7fimdUH4JidQhkfkG6YwbmtErnXJ:jLi9/0zGiz9pxYWf+pARVJiihZbYErn5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8ccdbedb6c1f62b1947305a3e0c4af2983e6529fafa8d045762b58bbc33fd89f.exe

Files

3d6f64ac2da2d4a6efaa052ffdc0e42e.bin
.zip

Password: infected
8ccdbedb6c1f62b1947305a3e0c4af2983e6529fafa8d045762b58bbc33fd89f.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 568KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ