0b6276e8a6486a05ce8d5cd46d6d0f0f[.]zip

Resubmissions

15/06/2023, 14:29

230615-rtlwvshg5w 3

15/06/2023, 14:21

230615-rpexrahf9w 3

Sharing

Copy URL Twitter E-mail

General

Target

0b6276e8a6486a05ce8d5cd46d6d0f0f.zip
Size

285KB
MD5

bf8a1388309176b7362edfa1c539afe6
SHA1

c280a04a26caa2093fac618f7096c94677fa9f78
SHA256

d1ced1a5c563e91176901951516af4278bbeef1abc61170b295ed00a4c18ec1c
SHA512

475155af1b4e2ad2e40d2a73b82e23ebbb6e0cf1303b72143672f1b49ec8ba3e22bace3112f0e59ddc130c34b7056082323bcbfe875ad6bd0f51748f79dffd94
SSDEEP

6144:H+UdMjVFVOqUtIph1TqXoXulhIgvq6mj2DDHb6eu:xdMLViqph1TslqIkj2DDju

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack003/Magyar_HU237400000000000000000000000000002322023.exe

Files

0b6276e8a6486a05ce8d5cd46d6d0f0f.zip
.zip

Password: infected
0b6276e8a6486a05ce8d5cd46d6d0f0f
.msg
- https://www.google.com/search?q=magyar+posta&rlz=1C1CHBD_enNG894NG894&oq=magyar+posta&aqs=chrome.0.35i39i650j46i199i465i512j69i64j35i39j0i512l2j69i60l2.12738j0j7&sourceid=chrome&ie=UTF-8#
- https://www.google.com/search?q=magyar+posta&rlz=1C1CHBD_enNG894NG894&oq=magyar+posta&aqs=chrome.0.35i39i650j46i199i465i512j69i64j35i39j0i512l2j69i60l2.12738j0j7&sourceid=chrome&ie=UTF-8#
- https://www.google.com/search?rlz=1C1CHBD_enNG894NG894&cs=0&sxsrf=APwXEdcqQEE4AJN2ubexeKkg-qsGuTBGaQ:1686835624327&q=magyar+posta+address&ludocid=5000976295177151154&sa=X&ved=2ahUKEwi257exsMX_AhXI-KQKHfdECQUQ6BN6BAgVEAI
- https://www.google.com/search?rlz=1C1CHBD_enNG894NG894&cs=0&sxsrf=APwXEdcqQEE4AJN2ubexeKkg-qsGuTBGaQ:1686835624327&q=magyar+posta+phone&ludocid=5000976295177151154&sa=X&ved=2ahUKEwi257exsMX_AhXI-KQKHfdECQUQ6BN6BAgSEAI
- https://www.google.com/search?rlz=1C1CHBD_enNG894NG894&cs=0&sxsrf=APwXEdcqQEE4AJN2ubexeKkg-qsGuTBGaQ:1686835624327&q=magyar+posta+address&ludocid=5000976295177151154&sa=X&ved=2ahUKEwi257exsMX_AhXI-KQKHfdECQUQ6BN6BAgVEAI
- https://www.google.com/search?rlz=1C1CHBD_enNG894NG894&cs=0&sxsrf=APwXEdcqQEE4AJN2ubexeKkg-qsGuTBGaQ:1686835624327&q=magyar+posta+phone&ludocid=5000976295177151154&sa=X&ved=2ahUKEwi257exsMX_AhXI-KQKHfdECQUQ6BN6BAgSEAI
- http://kuanginc.shop
Magyar_HU237400000000000000000000000000002322023.arj
.rar

Password: infected
Magyar_HU237400000000000000000000000000002322023.exe
.exe windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
aa3280b3.png
.png

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

Password: infected

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 323KB - Virtual size: 323KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 323KB - Virtual size: 323KB

.rsrc
Size: 2KB - Virtual size: 2KB