d6ab3fc2af456e87088f640d4cabb8c5[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6ab3fc2af456e87088f640d4cabb8c5.bin
Size

991KB
MD5

00e1ba7e04d9eca755db2ca0110b8b70
SHA1

8db94365a5675317e8077a603dee21ec679b2fef
SHA256

bdf8b41c889cf2d2dfe5717b25d0a5c7ad669d5b3b956016f2eca0046573982f
SHA512

830ea6a6029dacfa0f4886ca2aaf6f45dc93bf049dcb6bb9c32a17454d4e50d98d67530bda96f004d945889430f6e85b159b6691810636307f2a8f891492bbc2
SSDEEP

24576:G3A4ZXuK5dabI2xBWE4v002baDMbQqO+GU:GwkXuCgFxBI2AMS+n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cd1d53de473b9d6a924d7942acc9f8e09fcd6bc452ed1fa4935f3ca692d9cc44.exe

Files

d6ab3fc2af456e87088f640d4cabb8c5.bin
.zip

Password: infected
cd1d53de473b9d6a924d7942acc9f8e09fcd6bc452ed1fa4935f3ca692d9cc44.exe
.exe windows:4 windows x64 arch:x64

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1005KB - Virtual size: 1005KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ