CONFIDENTIAL_DOCUMENT[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

CONFIDENTIAL_DOCUMENT.zip
Size

602KB
MD5

a88d9765a213382ca00a377b2e8c1e36
SHA1

774a56aea0ced31b79574796c3c7ffcd4b4fbd86
SHA256

e81138827a5df147b38f63a7448fb718c783b51302f14591de4188da60ac3505
SHA512

d786f6569b6705d2b7f24ff50913fe72eac7d30493aa525d5c00b56e6e918cb36e4b7efebd9abea702f253f8e8b39676aac66a022287d4e83e50e88ef3c63462
SSDEEP

12288:lPdfxOV7rCxP02CCtJf8s/bEme3vsYbdFDtFYJRYkQK7f:l6VXCxPHCCLf8s/Be3vs6ZtF2rQu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CONFIDENTIAL DOCUMENT.exe

Files

CONFIDENTIAL_DOCUMENT.zip
.zip
CONFIDENTIAL DOCUMENT.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 589KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ