8179676571[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8179676571.zip
Size

8KB
MD5

f15d062265e920a27e826148c1333962
SHA1

959c7c47eb55af8b464229af578f0b565f3a3dbb
SHA256

6aa6e163ad73471be60a2fc8f2bf08f0cf1d95c46b5933896e290c9ae8e31c1a
SHA512

d37d33ec91d3b48a38fee596d146739b7c5127d9dd599338ef0ae9ef6cd1ef857da5b7b447023e98c5cac8e34a8b621f17289ce226a8e784a1bf966db2322c99
SSDEEP

192:nWY+RbQcdxYDCnEL26IyvtcK7CxuvKT8EXOa3mOSdVzMs4:7+RbLxYDeE/EPxucOa3mv5Ms4

Score

N/A

Malware Config

Signatures

Files

8179676571.zip
.zip

Password: infected
784aa3d8bab6af41ee0f2cb6cb9d3b02a80b1d80d5c270cd8b0abebc6eb2c32a
.iso
COMPRA_MB-220834-1A_Shihlin.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ