11601804805[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11601804805.zip
Size

323KB
MD5

c88658eab10b816ee46715f940a46894
SHA1

10069e6bd50d8441d280db695355958e4d83a6be
SHA256

233b48176524a87c50e23dabda982412f05a12599a7ced689186cd71602e7c0f
SHA512

f480cf78e29cbba02b36720b1ac72c88a553c0fb0323e5d4e0d731584cdf5b8647f7f11b78794663cb316ea49ac6c03302c0dfce35456be04f5fed2a7947e616
SSDEEP

6144:iChy5nTMD2ORgV9vozr+Wrr+dpeIo7c/Qr3b7JOhVCXUgleUYoNnD/r:py122cgV9vYrBrr+U7B7JQCXjleq/r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cbf045ce711a9e6b8a8ce9fc48de6e2c3286f0a5dece869fdfeda0fb6bfc3fc1

Files

11601804805.zip
.zip

Password: infected
cbf045ce711a9e6b8a8ce9fc48de6e2c3286f0a5dece869fdfeda0fb6bfc3fc1
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 322KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE