5ed5be6e0b1f72f6e5c7e2b6d9a470da[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ed5be6e0b1f72f6e5c7e2b6d9a470da.bin
Size

420KB
MD5

1b9dface220d0cd16aa53fd9e9a7284a
SHA1

1632271c7eb8b031d8faa71c491c2416cade98b7
SHA256

975ab86efb3c44f8cf26f4117bd4246466f2ce5c1066c0c63b7b824ab028038b
SHA512

5001c644fee132c29b9c9daf1569d0d4e87cae9c6c8234aee5aaaff6fc91fd874a869da05baa9c41c611e06c2663e3277d879aa21b000fce97e380a7c69fd565
SSDEEP

12288:bEWztZbFdtsZj93UJhCnQuoEAx9CJAwEPN5K9zaB98OHP4OP:bEWZZbF/+jOmnxcxIgwWHJHL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8cbde99577f26190ebf83a23e5adb8260bfd7a0fb978566c7c84f72af40e7e2f.exe

Files

5ed5be6e0b1f72f6e5c7e2b6d9a470da.bin
.zip

Password: infected
8cbde99577f26190ebf83a23e5adb8260bfd7a0fb978566c7c84f72af40e7e2f.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\56zm\xzd9\obj\Releas\Zaq1.pdbpdbdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 421KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ