4c9d147c42519b53bc1bf6fe9b4233b9[.]zip | Triage

Sharing

General

Target

4c9d147c42519b53bc1bf6fe9b4233b9.zip
Size

704KB
MD5

86dc098df7754581cad6cafb2f0baaf5
SHA1

e43fe8bbcdf3cc4bd8c1403d34e4c6c6dcf20384
SHA256

715af8f7dc4416360914c75f00a78f85412dac1269f3370321c95b34556f7416
SHA512

a805daf8c2c466cba3196e8caafe7ad1a557443d6f260be284061e8bf2c490b7392210e1b995ab99009c092f0db911e5779695c4f0fe167cda77da64e4535e03
SSDEEP

12288:WH1ZhxPEMTDJQA7eRwSEpTRftwvJWR+tlPQMTRH9zy5qk5VDHhBCep+7:w1ZhZEMTDJR7eRsduYYZRhi7nHjv+7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/TT Swift Copy $90,000.00.exe

Files

4c9d147c42519b53bc1bf6fe9b4233b9.zip
.zip

Password: infected
4c9d147c42519b53bc1bf6fe9b4233b9
.zip

Password: infected
TT Swift Copy $90,000.00.exe
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 801KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ