ff97fec579778776ce97d2d0118bdae5[.]bin | Triage

Sharing

General

Target

ff97fec579778776ce97d2d0118bdae5.bin
Size

660KB
MD5

de74c7dd9432abf26cba29d958cc518c
SHA1

2975c7f44f42cd4892bb86a3c4fab713332482e9
SHA256

e965c8f96a32d3a71b02ee3439a5380cd6b16280527aee55c926cb2634ed36e9
SHA512

bb089a771857f0499197a6a93026620c63ad0fda26dd5a7ee91935a2021bac602439d2506dac08b3fcdbeb29bfcb426499d3aced59d60abac3f1cf1c1a9f2abe
SSDEEP

12288:tjSLW/52HEHlK8PrVmnhfjjqpZXCdPighZ+ozmxUp:tBYgZVmncvCdPnzmg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b7d2cbbb89d8e19df00ca2912eed64113e334ae25e27151c384fe170f2d58def.exe

Files

ff97fec579778776ce97d2d0118bdae5.bin
.zip

Password: infected
b7d2cbbb89d8e19df00ca2912eed64113e334ae25e27151c384fe170f2d58def.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 743KB - Virtual size: 742KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ