5609198accfb2ccedb39e7755ed6a36c[.]bin | Triage

Sharing

General

Target

5609198accfb2ccedb39e7755ed6a36c.bin
Size

878KB
MD5

0b9e363af44c75ac6fec29575cc89dfa
SHA1

85396e4ca6b66f1f9a660e061dca10a4b4fdd550
SHA256

e3ae16bb86c551e285199b4936337c98c9cf0267e636f51a69bae10a5135475e
SHA512

5b89ddf3042f475d952b9ec4c7fd45587718f62d23f459ec7327610979347bac460db892b7c1cab0645f44e19c1a243f8115dff40e4de6134754ede0f79b6ec9
SSDEEP

12288:glHPc5fxj65CSoB0vso6yEZdxtCoSNqvKm7gbNJeXO2ctDNZtFg5Myt4foAMRt:KPW6ToB0vso6yEZtCBqF+XMcltJyt4Qr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/06d30761437ffb30ac9ac077bb3761b5e4c077f3b74f8ed3b7372e104dccf83f.exe

Files

5609198accfb2ccedb39e7755ed6a36c.bin
.zip

Password: infected
06d30761437ffb30ac9ac077bb3761b5e4c077f3b74f8ed3b7372e104dccf83f.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Tosk.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 978KB - Virtual size: 978KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ