AJCZ[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AJCZ.zip
Size

2.0MB
MD5

978d70364c15c71dc0d9ca33b8a827f4
SHA1

80c777d5f1595e79d37138b70c505f1237ca9cfb
SHA256

8d7dd6c551c1b3dd5fa622bace6086d6be14f6343fb89bdece3a1c2753f3f72f
SHA512

918435ea3c33a82ea985e8af337986df8ff6e00578ed3219618003e46b424fc9bf8cc0af407c5d7b0958b00527b86c7cc35b3c44f3847aa8599b5647540a72fe
SSDEEP

49152:tD83ZR7e8WngjYZZFktd6eQyDCieihpwkJhkXkWy:tQvePngEHF06ADCibAikXty

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ea8406ed0469799ed23d66d2f759aace9eeb460432d6a62b64e35ca8cb285c86

Files

AJCZ.zip
.zip

Password: infected
3af504bff6826b81d0093b8d153643afb6e86d78db4dfc2cb6f9574ea14265d4
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

18:9e:45:48:84:77:34:a9:48:12:42:c4:37:09:9c:d5
Certificate

Issuer

CN=%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%

Not Before

02/08/2023, 18:01

Not After

03/08/2033, 18:01

Subject

CN=%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%%^^%

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ae:05:1f:50:d4:61:28:27:25:22:7e:3a:b8:ba:10:df:04:53:4c:14:fb:c8:0e:8b:8d:75:46:38:77:04:8d:07
Signer

Actual PE Digest

ae:05:1f:50:d4:61:28:27:25:22:7e:3a:b8:ba:10:df:04:53:4c:14:fb:c8:0e:8b:8d:75:46:38:77:04:8d:07

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ea8406ed0469799ed23d66d2f759aace9eeb460432d6a62b64e35ca8cb285c86
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

18:9e:45:48:84:77:34:a9:48:12:42:c4:37:09:9c:d5Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

ae:05:1f:50:d4:61:28:27:25:22:7e:3a:b8:ba:10:df:04:53:4c:14:fb:c8:0e:8b:8d:75:46:38:77:04:8d:07Signer

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.2MB - Virtual size: 1.2MB

.sdata Size: 512B - Virtual size: 488B

.rsrc Size: 278KB - Virtual size: 277KB

.reloc Size: 512B - Virtual size: 12B

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 1.3MB - Virtual size: 1.3MB

.sdata Size: 512B - Virtual size: 488B

.rsrc Size: 246KB - Virtual size: 245KB

.reloc Size: 512B - Virtual size: 12B

18:9e:45:48:84:77:34:a9:48:12:42:c4:37:09:9c:d5
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

ae:05:1f:50:d4:61:28:27:25:22:7e:3a:b8:ba:10:df:04:53:4c:14:fb:c8:0e:8b:8d:75:46:38:77:04:8d:07
Signer

.text
Size: 1.2MB - Virtual size: 1.2MB

.sdata
Size: 512B - Virtual size: 488B

.rsrc
Size: 278KB - Virtual size: 277KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 1.3MB - Virtual size: 1.3MB

.sdata
Size: 512B - Virtual size: 488B

.rsrc
Size: 246KB - Virtual size: 245KB

.reloc
Size: 512B - Virtual size: 12B