10505857282[.]zip | Triage

Sharing

General

Target

10505857282.zip
Size

420KB
MD5

472c595a27c849d1a33a2d3b745f72b0
SHA1

f149ecf2c56efd89bb7fac83832958aa576c61c5
SHA256

0e7730befabd61cd065e0f72f8a72703b01a56d9d8dadf6b0a8a3ab13deab0d6
SHA512

8a40d11553c07729eb2a3638cfde01dd61bba385eba57b0bb26bdea29211dc62f655f9f862ebedc009368c1369d6623bc81b6539216822ab14f5fb0a810fa8f2
SSDEEP

6144:pGMTViNC/EoKlVBUThfyHTAoz7xeUh9LFjH1sfEujxLOzKMe7X6:pG4soQrefqTAoz1eU7LFza8IhOzy7K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/0324352432563.exe

Files

10505857282.zip
.zip

Password: infected
360cdafe3a7c17ad135a4b981559b3b0aab76493ee67300c864a814c336c097c
.zip
0324352432563.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 497KB - Virtual size: 496KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 242KB - Virtual size: 242KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 64B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ