INFECTED_HP2019W01_2023-05-25_15_51_23[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

INFECTED_HP2019W01_2023-05-25_15_51_23.zip
Size

709KB
MD5

2cd311b6ce0f2ccb6a5548864753a2b6
SHA1

54dd45e7dd354d6b72a87ea1f636924542f920b4
SHA256

d216cc4a5b4600e0b0204c19eac7d0b2b7ecec4836d3aebc8e390873be896cd8
SHA512

a8594cd6af78b41222298cd57cab34067354f7d26d55f274a9590e010e81382201b3819954da264e687ad89b3ba93c1960f84d0f79ec7e7a0b5d46061d229af7
SSDEEP

12288:MHhcytD9ZjJU5MEgPeR9+5dgjNTEuAOmaNIIeOlATLWdxZhjDGzzVvDyPzxO08LD:uFF9PUqfeR9+fg1yOmZI9eyXvGzzVvDJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume3/PROGRAM FILES (X86)/laetjr/pdf/mergepdf.exe

Files

INFECTED_HP2019W01_2023-05-25_15_51_23.zip
.zip

Password: download$$1
Device/HarddiskVolume3/PROGRAM FILES (X86)/laetjr/pdf/mergepdf.exe
.exe windows x86

Password: download$$1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

....
Size: - Virtual size: 700KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

....
Size: 708KB - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
manifest.json