infected[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

infected.zip
Size

355KB
MD5

f18f0aaa1333dbead1be24122ea7aef4
SHA1

0346c518ae5761b531f0b35ab796254ded5331e3
SHA256

b0b60edfdd8a95dd2fd955e4966ebb6b9c9b68a4f08bd4857b20077340bccffd
SHA512

b79008968d8fc00689ee78a36d61cec22ceb234009686cd6364545eb2ff3919a68bd60392ea3dd42b80d1a1842f6b60d2c5383bab991c6a355b6d01e8d6982ae
SSDEEP

6144:1ic3Z72fheFd3QZbdXyPIIoZyroT7PY0OcxOyYzGB6B0kQDM3aT:1ic3d2JeFd3QZMPIRYhMwLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/97da8493ed1dd6663f1d7bb1d030fe08d5cf207d7cbb6363cbeca31ba39fe1a6

Files

infected.zip
.zip

Password: infected
12134767926.zip
.zip

Password: infected
97da8493ed1dd6663f1d7bb1d030fe08d5cf207d7cbb6363cbeca31ba39fe1a6
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 342KB - Virtual size: 342KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ