GJKH-sam[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

GJKH-sam.zip
Size

528KB
MD5

cb8151e3437140afb65f2d5066707d36
SHA1

5acf2769bc6d98601b9b47f7ee5b362aa2bfc8de
SHA256

20aaecc8c059efbf719d9920e9a30683b9b598077e7994481ccd03cbd76f3bf8
SHA512

811a7b4f64efc2777e4597fe8585db7026c99c033b51e9dca1f0313e79b05cd89f018a3185d72e3a138016c9dd3e75cc91b2ab75bfeda414fd577e44187facc1
SSDEEP

12288:r882P9AqvrIgvvGprGsFBt8BNUJyMeTBDNExKWT:r88o9AcdyrnF6NUYM6Vc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/dc353de8e426e5a5934ca6cc0a3c164a6ac10599fc6341db12a9f7e7d3eb5f02

Files

GJKH-sam.zip
.zip

Password: infected
dc353de8e426e5a5934ca6cc0a3c164a6ac10599fc6341db12a9f7e7d3eb5f02
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 615KB - Virtual size: 614KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ