Zb8491f738214a68R29[.]tar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Zb8491f738214a68R29.tar
Size

1.5MB
MD5

702ac4c4c0357dc0454c4104fa0a2593
SHA1

c8f5741fd16e135b009489a5db219aac490e24b1
SHA256

340a9c147b86ef608267d6730cba7c58bf0c99f534321b735e6c7860cb48f7df
SHA512

02e75f4634000a6e1a3402267406dd807ca3fa237a49a0eefa61742e4ec9cafe23f61d03755883658f019daf88998c2fc9adff81da8614d961df25c8aae903f6
SSDEEP

24576:uj3IQ6FGI6e2HUuYNtKvV/1muXyYd5sCzVE/B3qfdmEuw1WLMt40H48s+G2BQxd5:y3tRxHUi/1WYM4VE/tq1mw1WLMu0HpBe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Zb8491f738214a68R29.exe

Files

Zb8491f738214a68R29.tar
.rar
Zb8491f738214a68R29.exe
.exe windows x86

Password: 1522

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 496KB - Virtual size: 495KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 662KB - Virtual size: 661KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ