89f3026dea32a83cc17b59f7590d9467[.]bin | Triage

Sharing

General

Target

89f3026dea32a83cc17b59f7590d9467.bin
Size

2.9MB
MD5

aa09872f9655b143acca6d93763598eb
SHA1

1664da1a91b913799394518fdceddad94848de74
SHA256

b291b542b34dfbe475683e639f0ce39110bcd17c34eb1cb7214e3e72b4f0a7ef
SHA512

5a03671a0218a72ec858352ac0288e74eed958ea01ead3d0a8f71693f128d7fc408846720e90c41b4fd41fd742be0ac4d09bf2d9d1de5f74a0a7edef9172a737
SSDEEP

49152:KanZz5XxtAhVlpksbBJYioUns90W98ayyd/oCVWmo5mqPdsVWUYEGjad9Q8w2W2t:K2Zz5BwlCmJYiNns90WoydwCVS5DdsWs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dbf55dd5c00f37ec49e1b661228adcc0a286b3eabb35d2f85fc34d82076107f6.exe

Files

89f3026dea32a83cc17b59f7590d9467.bin
.zip

Password: infected
dbf55dd5c00f37ec49e1b661228adcc0a286b3eabb35d2f85fc34d82076107f6.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

otsoft.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ