3d70a1184d7194dc0bed6dc4ecc80348[.]bin | Triage

Sharing

General

Target

3d70a1184d7194dc0bed6dc4ecc80348.bin
Size

202KB
MD5

a8e39c4f7444c5e4718f596d70668f05
SHA1

6d6a30d5ffacbca7cac798825e19656d512bb9e6
SHA256

e757188e006c5be4ea45ece8a4dff1b0864158c0345a384d0d533ab807e555fd
SHA512

3fd0a3a9a20a3402f7c2ff6fddea75b9a05327464f0a59de7e4574713718f14667b54f1a7fcb1630559e2239ae2bbb5dced314545e48b97c3214f0214c86f3cd
SSDEEP

6144:wGViZ9yzbSYXMU23/M+Ed7uWR/3dAbmmVuFaJ9:wGVE9ydXMUI/M+s7uWFtAKmVua9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/97178f14cedd268cb8f57a8405b50c5715832050502abc75e5a94e6423ad8208.exe

Files

3d70a1184d7194dc0bed6dc4ecc80348.bin
.zip

Password: infected
97178f14cedd268cb8f57a8405b50c5715832050502abc75e5a94e6423ad8208.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

BLZUE7oS
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ