5e740d5e64d7a6a7a639c58b17888b9d[.]bin | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e740d5e64d7a6a7a639c58b17888b9d.bin
Size

2.9MB
MD5

dd24a9c30ed8be064e32735caaade2bb
SHA1

8694fca3d4d3a0d61fdd086e2ae03d5252909ab1
SHA256

3e2eca417da22113c2fc010a3839de9eefc8d80305fc86eec74b83d576686233
SHA512

79761ac321d12cebd0929fdaaaaddea0aa6bdd093ed4f7e546bafc679dfca56b5c934bcfa77a6e90be259a0ca58ff6a4e2a0347adce5f856be83db87303229e3
SSDEEP

49152:vKWyCucHNKa6JASo9legEm4IHEi50Mzx9/6y3fHs3G69o8v1wVTkvG:25cHNkJIMTikiiCx1p3vsxo8NAAu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/3b75c5aa9fb6e4827a34e72254c7d7ead6b41df7a079dad06234fd3e76f1cf95.exe

Files

5e740d5e64d7a6a7a639c58b17888b9d.bin
.zip

Password: infected
3b75c5aa9fb6e4827a34e72254c7d7ead6b41df7a079dad06234fd3e76f1cf95.exe
.dll windows:4 windows x64 arch:x64

Password: infected

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Exports

Exports

V_FixDoubleSlashes
V_FixSlashes
V_IsAbsolutePath
V_RemoveDotSlashes
V_StripLastDir
V_StripTrailingSlash
V_UTF16ToUTF8
V_UTF8ToUTF16
V_snprintf
V_strncat
V_strncat_length
V_strncpy
V_vsnwprintf

Sections

.text
Size: 8.5MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 483B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ