bitrat | 9793f3fe8e7f7653e9a89870e83514862813e1122cec46936c2a96d7e42ba070[.]zip

General

Target

9793f3fe8e7f7653e9a89870e83514862813e1122cec46936c2a96d7e42ba070.zip
Size

1.8MB
MD5

b48a466100134f9fcb82fdc89e7eb895
SHA1

8eb833966ce576e7af84ada2048643bdde08afff
SHA256

ff6195dd37a9f1433607b151631aa2b0e7105bfc6cba50e23be2d42e6667dbdc
SHA512

0923b3d3dda04a36605cfbed92f1b68ff15b09ef2d2cf7c79368dc9eedf55d6c0104c45a47370af56f6495113e8c670e45d2f2e9dabafd305c2e334716a81201
SSDEEP

49152:n+PzPa2nJZ0/fRKUSvXrxxW195TIY8beRBy2HJmqT8L5BT2:n+a2nkCvtxW19514zqT8Lb2

Score

10^/10

bitrat

Family

bitrat

Version

1.38

C2

apk.theworkpc.com:4920

Attributes

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/9793f3fe8e7f7653e9a89870e83514862813e1122cec46936c2a96d7e42ba070.exe

9793f3fe8e7f7653e9a89870e83514862813e1122cec46936c2a96d7e42ba070.zip
.zip

Password: infected
9793f3fe8e7f7653e9a89870e83514862813e1122cec46936c2a96d7e42ba070.exe
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 687KB - Virtual size: 686KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ