File_ OneShot[.]v2022[.]12[.]06[.]zip [.][.][.][.]bin[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

File_ OneShot.v2022.12.06.zip ....bin.zip
Size

3.9MB
MD5

2ed76bd28e9fd48361ae04badec743b6
SHA1

f7f35e57ce9b028b94cfb5d47adb9f48b95d14f9
SHA256

9517ca0532690acf6cb64c5144a9ba785e6fb1beb909df865bcd0c6cc6b09e89
SHA512

850c9726634b19f26ef1d7664a42a5e6d8f96173943b0d3bd279eebec9a1ccb8ad7a8fcac35ddfbb5abf02e828e7bf41a179224e03bb76c1954907cbe771b4dc
SSDEEP

98304:u3yS63lnabUwrOZkp6VdgHNi0mRJE1vsx:vlQTaZk8fgHNuRJE1sx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/File_ OneShot.v2022.12.06.zip ....bin

Files

File_ OneShot.v2022.12.06.zip ....bin.zip
.zip

Password: infected
File_ OneShot.v2022.12.06.zip ....bin
.exe windows x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ