Ambrosial[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Ambrosial.zip
Size

15.9MB
MD5

514f1511dc20dab6a436f559825dbca6
SHA1

9a9e9605bfb76da8f7f0e738058a72568f0cdf31
SHA256

05001c01802f499141ef91a07945dde9fbbf4d246508cfa9d4784d5b1f42832f
SHA512

f00dad531925453dfeb765aef202704c337e3c0cc88ba409e7722c8a7ba4f8df5b325599665b529f5482f5532c7e8739d618c7c369a06530c2629185008ae011
SSDEEP

196608:P4WxsIO2gfRMhSE8/Erd8QP+ih91qBpodTAIRq+2vBtC:P4WuIO2gfRMYbcr6QP391qBafCC

Score

N/A

Malware Config

Signatures

Files

Ambrosial.zip
.zip
Ambrosial.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 15.7MB - Virtual size: 15.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ