get_data[.]win[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

get_data.win.zip
Size

4.1MB
MD5

f67ae502e9210b19af520ee6f80558db
SHA1

48f90b64dfae92401dd580446ad75e98dbfed3fd
SHA256

62155880fadba5762613955395fc1bb83dcbaf248223fbf486685687089c2c1b
SHA512

527dc6f697330cceab10f18824ca19276734d6362fca2e824ef30ff0fdefb13b2ff0a651b55cfc037872744677eb3a530268f938399efff7d295fd6a04ccda61
SSDEEP

98304:iQcswAFfL8+FZgjf4VuzhIVxOIw5EZezim2DXyTQhCaxtLiTaThMLlVyxz:iQbwEZgdIVxOIwlL2DXQ18iTaThMlgxz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/get_data.exe

Files

get_data.win.zip
.zip
get_data.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

VAG0
Size: - Virtual size: 7.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INA1
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
profiles.json