unbosetup[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

unbosetup.zip
Size

614KB
MD5

7388438b64b769e83843c7680da271b2
SHA1

b791c34629ec17c2040c69c732d176d26cae4444
SHA256

6e59d1eee53bd50f4dbcb2e22c27ac486db51ab2d2f2bce97967f5680c6e0bbf
SHA512

73631646510c007182616d1dc97d037c89481ffa53f55be636f064d4fab752de9503a1748cf466123e99e8c91ca73c78c48f251670c9ab86c8d8bb62aed20d58
SSDEEP

12288:uCl2GEsXnxjurhQxxLogAslVMbPih60oFbmTxQ+fz9Eq0lQHNVzpEmmkJ:u42G5FurKxLDKbPuoEm070WHNVzzmkJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/UnbodSetup.exe

Files

unbosetup.zip
.zip
UnbodSetup.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

nbiFbmMi
Size: 70KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bw4lTTgo
Size: 194KB - Virtual size: 984KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jdbaQ1uE
Size: 32KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

QEVat2KK
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vTMTbQ5W
Size: 7KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ve125qzs
Size: 312KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE