General
-
Target
10637632580.zip
-
Size
16.0MB
-
MD5
e4e46b27b24482068456340ae2a8b42e
-
SHA1
6d088ee1b1771b05277970153f6cfa246981c1bb
-
SHA256
e0f0fd5df01c90110329854591ddacbfcb4bf63dafc2a3afab43d7107a5f7534
-
SHA512
2cbab323301212ad7f26c0eda0d4c27aa38a63bbaf5d0afba26957c79a991aa69cf65643d16f46956fc69c647c170ecbe75a16d86a6a20a83d581b1f661cfd54
-
SSDEEP
393216:3qZq4jjJ57Sayn/2MEST4JCGeJQxR4iYlPEnYB/fMLYdt:qrjjH7SaQ14BearnkPBnbdt
Score
10/10
Malware Config
Signatures
-
DCRat payload 1 IoCs
Detects payload of DCRat, commonly dropped by NSIS installers.
-
Dcrat family
-
.NET Reactor proctector 1 IoCs
Detects an executable protected by an unregistered version of Eziriz's .NET Reactor.
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Files
-
10637632580.zip
Password: infected
-
0d43bf5e2d0ac7a304545e55bb242438e1b82e3dd436eaf7a4ac36df9f33aa80
-
Allergies List and Allowed Substances.numb05151.pdf.scr
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
Imports
Sections