231004-scamyaef28_pw_infected[.]zip

Resubmissions

04/10/2023, 15:29

231004-swvr8aeg45 3

04/10/2023, 15:04

231004-sf2wlacf8z 3

04/10/2023, 15:01

231004-sec6vaef49 3

04/10/2023, 15:00

231004-sdjbgacf6z 3

Sharing

Copy URL Twitter E-mail

General

Target

231004-scamyaef28_pw_infected.zip
Size

50KB
MD5

4475fa331b2812101491c454e3bda5e3
SHA1

dee9b097824c23494368db5141c5189569ae852d
SHA256

04ac18e225452f10b37402c8bf60d2e49686642c0fe76e257f5d271cec2abdba
SHA512

1764c1a9926af668301a5ae2f132d62fb33fcd8316f31a0dd5befd0ffd7ab192b2c65cec10541de1edbae70deb2df578f7ff18c343ae1bf7fa3f1e17ff8bd397
SSDEEP

768:OgE3sdHyHaKfRCCruWyORgDLFyv4Y6qpMco0C2Ann+c3zztPYhWjHJu0oOC0dsQj:PKfRCgYnIy1Jic3FPK6HnoOC0OADyU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/rnpasswd.exe

Files

231004-scamyaef28_pw_infected.zip
.zip

Password: infected
2ad44a23_DFYs8HTuTY
.zip

Password: malware
rnpasswd.exe
.exe windows:4 windows x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: malware

Password: infected

Headers

File Characteristics

Sections

CODE Size: 75KB - Virtual size: 75KB

DATA Size: 1KB - Virtual size: 1KB

BSS Size: - Virtual size: 2KB

.idata Size: 3KB - Virtual size: 3KB

.tls Size: - Virtual size: 12B

.rdata Size: 512B - Virtual size: 24B

.reloc Size: 6KB - Virtual size: 6KB

.rsrc Size: 5KB - Virtual size: 5KB

CODE
Size: 75KB - Virtual size: 75KB

DATA
Size: 1KB - Virtual size: 1KB

BSS
Size: - Virtual size: 2KB

.idata
Size: 3KB - Virtual size: 3KB

.tls
Size: - Virtual size: 12B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 5KB - Virtual size: 5KB