AWB - 3345808270[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AWB - 3345808270.zip
Size

413KB
MD5

f9afd2696ec499024bc48c275788906f
SHA1

ac815d06caeaae6fc26804a411846ecba1264e1c
SHA256

15d2444b018821c5e0d30a3ca15eed8882b40edf69fd33df2fb28a0e0821afeb
SHA512

1bd459576d0a36be2e4ad74f244e48ae47c40ca232642c7a37737ce0594c48d33b3ce4ce69041ca1141df03080b6c2f618611013baa5122d62a846b531cb0cdc
SSDEEP

12288:aCdnb7asXiOrJdG4iVpTLEABYPeCyozhrpYx+jTUIQ:a2nbjiOvAD0wYPNNlrpYxq5Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AWB - 3345808270.exe

Files

AWB - 3345808270.zip
.zip
AWB - 3345808270.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 483KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ