10975486379[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10975486379.zip
Size

43KB
MD5

8ec21be38ea72054d3334d3dd6a6ce47
SHA1

eac7ac1d29ac20ab666d842e9cc84f964aba0d1f
SHA256

e227df23be65c96fce3422dc898704846b2bbf9836163c16659ea52f2b7d90bb
SHA512

ba4b52e1ad9e52de5876850aaf2c865850cb85bce97ccda3920705b8e3daaaef652ee4488f0be0c84743123230007d00efdca2726799aab20f89465f7a82a971
SSDEEP

768:LffZJ7+vgpHeVcHz8l3GvIRdXO0RY/Cb1JDFGi22wznM5fKXJNO3svnChW1g9j:Lr7ppHRWxXLRxOLM9KksPx1Aj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9dc25503dd1fda98919611d5f2a4c339e8ba4a765b3afc089b51c6f1f5d28a8c

Files

10975486379.zip
.zip

Password: infected
9dc25503dd1fda98919611d5f2a4c339e8ba4a765b3afc089b51c6f1f5d28a8c
.exe windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ