General
-
Target
10643700066.zip
-
Size
17.5MB
-
MD5
57b6b5144a3fd68aeb07a583f7c96a62
-
SHA1
14c9bfebe3938151056e39a6ec7a9205e9679736
-
SHA256
37b1874b580fc0c5896b06bd5ae855d66d15ab2be63408c0bda9dbd9441c0b13
-
SHA512
4e0b6353acb98db2183f1d25c331eb0d1524cbe3753b5415059cf8aee6c69c25dd79c6f4e02c29180cce91176b24430d427acb8fb92da8cebfe2e57f19bda6c4
-
SSDEEP
393216:KYR1fCQTdf/oQrI8zpu9GUnIGfIM0l87f8X3Nwt:KYTC8df/FU8luHXfIMMT3ut
Score
10/10
Malware Config
Signatures
-
DCRat payload 1 IoCs
Detects payload of DCRat, commonly dropped by NSIS installers.
-
Dcrat family
-
.NET Reactor proctector 1 IoCs
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
10643700066.zip
Password: infected
-
59420fbf53e8ec0620d9e4d2188fd4c5cb51c8e60f1edf2d88034a663f3e83cc
-
AllergiesList/1st Photos.jpg
-
AllergiesList/2nd Photos.jpg
-
AllergiesList/3rd Photos.jpg
-
AllergiesList/Allergies List and Allowed Substances.numb05151.pdf.scr
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections
-
AllergiesList/Good for me.png