cd39fed99d50d72f9226c104e5cb301b[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cd39fed99d50d72f9226c104e5cb301b.bin
Size

1.3MB
MD5

002108ebd0d3972823a0c187b64ba2c0
SHA1

bb5b222db7d0faf6d211da57273a345dac36e0d8
SHA256

1a6eb28d3f62c71705001be4427536d29cbeff61dd9953a1f4aecf9b8e5a34f0
SHA512

ba389839ee237c5d8b366eb89ef4a411d0bfd5f0ff6ac7807558e86f3ca459dda49c2bba6fc56956acd607d5e8fb5689544af6aa019048aa6a250185dbfff92b
SSDEEP

24576:H8XkbC2jTOkiDOfqUUay4NxadNI6xL3biKG8kX23QVKfPYd168v6SQkUo5OfCtkj:3bbjHlwaZsG6lriKGzm3QxIm6tpo5wCm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/311253d0464ee8161d083f56d0bdcd936156a6505162c9be84c9ac32fd3955a8.exe

Files

cd39fed99d50d72f9226c104e5cb301b.bin
.zip

Password: infected
311253d0464ee8161d083f56d0bdcd936156a6505162c9be84c9ac32fd3955a8.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\桌面\ConsoleApp2 (2)\ConsoleApp2\ConsoleApp2\obj\Release\ConsoleApp2.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ