db6bf30fd61d330a5466459124fd4f21[.]bin | Triage

Sharing

General

Target

db6bf30fd61d330a5466459124fd4f21.bin
Size

774KB
MD5

f15af01024cff734e85df58c88d7a593
SHA1

e25ccf07d55b2c75fd57e5e571e4b7f9f65cd0a5
SHA256

e8c888ad87c5b9e62670edca84a5fa468cd92ad1137beb727cfb42e8b327d03c
SHA512

b1a01c94806335478204dbab9e7987a616d01ccf047b82f6fb6ee1d5d70ba5369ad67fd335562a2fb26203a0cbc9102f6f452f142c3d8598daee31f0110fb7df
SSDEEP

24576:9ssVnQkufFke61o6k/0hHaYR8wNrPsWKV:9bnYjqXk/0FZnNUr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/20e3320ed125693938485c94c8ebf1a981ed2d717bba86f137a4b327757946fe.exe

Files

db6bf30fd61d330a5466459124fd4f21.bin
.zip

Password: infected
20e3320ed125693938485c94c8ebf1a981ed2d717bba86f137a4b327757946fe.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 628KB - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ