7995396208[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7995396208.zip
Size

235KB
MD5

cbcd6859e75ae9f3e2f7dd0e33d4d677
SHA1

09f56787e0c5890087d578c774a447ac691bcbd9
SHA256

f7114f49533e42fe4b183b71e665e1140f4504694d872f57ba07caaf57fcece3
SHA512

501372f88851c439fb0be81580c1710e9592dfe2e3a85321d0bd81aa064099c7da21a3fa83e582d51ae7be6e75ef42591cf1d0d41017fc91a055a5b38f0c42da
SSDEEP

6144:CDFyNysKh7yHHN0V5z8MC+GoKmjgzl94fxd9jGC5:CByN727yN0D8M98R94Zd9K+

Score

N/A

Malware Config

Signatures

Files

7995396208.zip
.zip

Password: infected
ffebda7512c78ba73ffa40dd02b59fd22cfa8e1bf48cd86e7b2d54e19c061134
.exe windows x64

Password: infected

a46ea633057f9600559d5c6b328bf83d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualProtect
VirtualFree
ExitProcess

Sections

.bss
Size: - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 230KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ