file_4e5600e54628489fa0cd5003014b5017_2023-05-07_04_28_23_767000[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file_4e5600e54628489fa0cd5003014b5017_2023-05-07_04_28_23_767000.zip
Size

10KB
MD5

f7a9639f6b82db6e48cf2141ef215309
SHA1

9d383c7297670d3c50dde91a5cac03c81470d215
SHA256

e1a0b0b10c32d275a95866a992a9ec66af7a346e76c0c294d1c5c62164818e1c
SHA512

5f0b167e339c65661f6c1871a421bb781575702bcdd82b65cc9a05d677e9081679bdaa0a3da03e568fa050ce89f2031aa105cff845b8735a5cbc9d0b7ac4c8b7
SSDEEP

192:rK2+XQ3qIUMdqJQ39ALmmUvL4IuC86Af7XKwREeE8VU8HYpyDdkPv54zT:cwUgqJKVBjcC86eGwueEko4kPuT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/entry001/muebles.exe

Files

file_4e5600e54628489fa0cd5003014b5017_2023-05-07_04_28_23_767000.zip
.zip
entry001/muebles.exe
.exe windows x86

0e144b8f2e25980362da92d1f270e9e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

pbvm70

ord137

kernel32

GetOEMCP
GetACP
GetCommandLineA
GetModuleHandleA
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCPInfo
LoadLibraryA
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
HeapFree
HeapAlloc
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
GetProcAddress

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.srdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
manifest.json