10701670211[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10701670211.zip
Size

521KB
MD5

43532136f525301ab928daff61abfafb
SHA1

8745a9a3c2093f973fcf8a0e4fc36e30f13b6185
SHA256

a453ac6d1a0834b41730a119f17862ba8ff0c6054c83c7477ee263cf8b7a4ecb
SHA512

e0f6ac5b47b2161ce3e817fd7aca142d335bed28eb178524f660f93a6a5928fdcae261dfffc38914b32e7f934b5510bef926d1199f790c7d789f92e2db2ac350
SSDEEP

12288:z4+XzGG67scg/hN8dEpR45Dl2kGMFDIEPQGV5dm0bIrM:VXzGG+Rg/b8WI15GM9l4GVHmdM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Sfazqilduugtht.exe

Files

10701670211.zip
.zip

Password: infected
298c0a65fb389435d7716d2375950a5b5e18870b7ba463f3c8ac2eb4520a7802
.zip
Sfazqilduugtht.exe
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 378KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 446KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ