9cd35d2b2c1c6718d5e07ce40f2e856d[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9cd35d2b2c1c6718d5e07ce40f2e856d.bin
Size

264KB
MD5

624344e71320a3d4aaf419b58d06d682
SHA1

74852dc9fd554540c49154c8b061323611850fbe
SHA256

699b81bf3da4f1d1bb5520f5fa7ee0ed6f3e11fb6044d6b93d267e6e353df634
SHA512

a62a58e7638f859d366137a3eb76547e080ef3ad3f527ebbdbf322706bdf537601d3e2fbd9de05ced003ecd367abda84a105f7744b900edfd2e5a334df3b3dcf
SSDEEP

6144:ZngNcxMyVePeWiUAWWYjoAI3Vf+Jz1GnULCAL4PGIIkMh3:pgNcxcPLAWWYUAIFf+empI4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/c5376fed188816b36c7ba573a2b6fef57df8ac892ce301f4f43ed588c5eebfef.exe

Files

9cd35d2b2c1c6718d5e07ce40f2e856d.bin
.zip

Password: infected
c5376fed188816b36c7ba573a2b6fef57df8ac892ce301f4f43ed588c5eebfef.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 428KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ