AAct_unpacked[.]zip | Triage

Resubmissions

26/04/2023, 04:24

230426-e1kadsha4z 3

26/04/2023, 04:21

230426-eypr4afa74 3

Sharing

Copy URL Twitter E-mail

General

Target

AAct_unpacked.zip
Size

1.7MB
MD5

82bab4843208a2754cb4fc285c5e76c8
SHA1

34a0f3bdad59b11e7aba460f938ba2eff426e3d5
SHA256

547329bb6df87a4b5d14819608d1d8b357c58dfdd806657f8b894bed7edd72ff
SHA512

16beaecb95487b5c608650aee04ada586dd34bef9bd6f1f707e06ef6077adfac3da7045aa26892c98f9d0bfacd9efb5625774840fb804a3c665da7d64be4d5bd
SSDEEP

49152:5z5Gs9iPRPT+f7kIGVyoPD+44VnyyBzG5eM2n68XOF:bBf7kIy4Vy/eMs6fF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AAct.exe

Files

AAct_unpacked.zip
.zip

Password: infected
AAct.exe
.exe windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.code
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 661KB - Virtual size: 660KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ