Arkhiv_WinRAR[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Arkhiv_WinRAR.rar
Size

1.1MB
MD5

626849f0a88b63d7eb50cc7862678255
SHA1

8d064923573ea884a713a4340ab01853e4ef6d6a
SHA256

27c073810f2b3086c1697183e7ff9e694b28de24bbceee77c3ae8bf6812e4a28
SHA512

9d84d9d7a0f3f0fbacd2355a9ba5a4c55a718992073a4b4242a2dfbd40d80b446282250052d064c7382c9fb1fece0e3ca0e0f405a40c243435761e9bc93374e0
SSDEEP

24576:DoFqkN5KXWbBRbcaEhBju4MSlrSeMl9W/RdbED0o3xzd:DoFx57RbcjvP5VCW/RuD0o3T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Debug/2015 - 2023.exe

Files

Arkhiv_WinRAR.rar
.rar
Debug/2015 - 2023.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 174KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ghghg
Size: 910KB - Virtual size: 912KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Debug/Includes/Delay.txt