10509239223[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10509239223.zip
Size

917KB
MD5

e08160d5e1e7d556770fcfcc9dd7907c
SHA1

ac9f70f83dc4d9d57b0cbe8648db89cebf7379fe
SHA256

85155021fb754804e46ab4b59da97d4d3e9ed4e0c7f76e213649b3be90d7d6bb
SHA512

5132ea0b57dec88bed94747b75e3b6dc15b2b815dd8e87653cb610a315902bb58f0e63c6e9f6dffc69995c949c583b2d422250226fa1cc420fbc1f5e30d783e2
SSDEEP

24576:+iSbObVVOh72IDwMp55j2IpzzisaeDF873XjzQAQE:+zMVVYVDzCIJ1pmjzQzE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1f583db11fa7b6002cd05b80c521f2b583552c3fdac0f6748a8eb3daeac7ce9f

Files

10509239223.zip
.zip

Password: infected
1f583db11fa7b6002cd05b80c521f2b583552c3fdac0f6748a8eb3daeac7ce9f
.dll windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.data
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ