mkpub_Readme_Document[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mkpub_Readme_Document.zip
Size

41KB
MD5

ba75181932f33c03aea42eb1417b7d3a
SHA1

038829f9735786c3e1fe97bde0e05e2d1c00cff2
SHA256

f635e4812dd95b92278debf9564467a0958c0a12daecf817f148f0cb6b8ce21b
SHA512

0e70e0f2957a1547b3517a7e2e44260bd4468dbb24c470615d45377225bfc09f618a833adecc21cb5639c7e522886146818d6a19ecc37d32c39562e7974c1c92
SSDEEP

768:0eMc5VwWt1jDkbXdnTOyQxHFO+IxX2P5LIbbcPYir2lAqcdF0i09CyP:0q5VwWDjDkdTRqHFOn8tIbbeYiuZIFSL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Readme.exe

Files

mkpub_Readme_Document.zip
.zip

Password: infected
Readme.exe
.exe windows:4 windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

21i8onvy
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

196akwdx
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2048vdhv
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE