11f44531fb088d31307d87b01e8eabff[.]zip

General

Target

11f44531fb088d31307d87b01e8eabff.zip
Size

106KB
MD5

9458859abfd384f38362af01fb306f14
SHA1

2f507cca69fa3ef6cd091d27b21e99cfe1b73506
SHA256

6cec2bf8e5bde0a9d885ca6276d5a3d77affe4225824836a762984e7ecdc8a40
SHA512

6e839f4c92d2afe50d1feb29be0c72a8b511523cbfa49d99d2379feabdc0e2376c1bf2e3b03782592e5d9a69045913b18795d643e802171040c95c53ccca094c
SSDEEP

3072:RUehtXqP0AxDUIhAtLlLnmQofdRrHw0DMUHHu:R1tXqP3FsLlLolzHHu

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/11f44531fb088d31307d87b01e8eabff/iroto.dll
unpack001/11f44531fb088d31307d87b01e8eabff/iroto1.dll

Files

11f44531fb088d31307d87b01e8eabff.zip
.zip

Password: infected
11f44531fb088d31307d87b01e8eabff/iroto.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.code
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
11f44531fb088d31307d87b01e8eabff/iroto1.dll
.dll windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.code
Size: 344KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
11f44531fb088d31307d87b01e8eabff/research-1646684671.xls
.xls windows office2003

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

.code Size: 344KB - Virtual size: 344KB

.edata Size: 512B - Virtual size: 176B

.data Size: 1024B - Virtual size: 4KB

.data Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 8KB

.rdata Size: 68KB - Virtual size: 68KB

.bss Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 896B

Headers

File Characteristics

Sections

.code Size: 344KB - Virtual size: 344KB

.edata Size: 512B - Virtual size: 176B

.data Size: 1024B - Virtual size: 4KB

.data Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 8KB

.rdata Size: 68KB - Virtual size: 68KB

.bss Size: 4KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 896B

.code
Size: 344KB - Virtual size: 344KB

.edata
Size: 512B - Virtual size: 176B

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 8KB

.rdata
Size: 68KB - Virtual size: 68KB

.bss
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 896B

.code
Size: 344KB - Virtual size: 344KB

.edata
Size: 512B - Virtual size: 176B

.data
Size: 1024B - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 8KB

.rdata
Size: 68KB - Virtual size: 68KB

.bss
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 896B