140000000[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

140000000.zip
Size

735KB
MD5

5b8b9b7a79ce9db3a86c31321c3baa51
SHA1

1b631ec72f77397d4eea7030cecf8bb52df300b9
SHA256

56b3a09df48b9d6b8924664e02c95d0b07bed7b562ef783100f906542a3e9b30
SHA512

fffc160ec063179afc1930cd8f2c8278eb265717ee6283faa02378aa7b4e63ab62bca906eaedaa3da1bc562194c17fbfc15102345d3dbf1c16177da61bc327db
SSDEEP

12288:wO/1PzR8vFJsMpBt+JKtGhzXjsOuZ3uf2EVvQln0hh924wO6Yqq6yM:wM1dSFyMpBtKzzjOr4I0ZT3qq6yM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/140000000.450c28d9fa95df73196d31007b020462bbff20b0aac90774aafe5d5f020ee620

Files

140000000.zip
.zip

Password: infected
140000000.450c28d9fa95df73196d31007b020462bbff20b0aac90774aafe5d5f020ee620
.exe windows:6 windows x64

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UMZXUCTH
Size: 820KB - Virtual size: 820KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

GMKLHETH
Size: 656KB - Virtual size: 656KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

NMEEJDSS
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE