6yit4er609y65498yh0th9806j9ytr0hnoirghytroi[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6yit4er609y65498yh0th9806j9ytr0hnoirghytroi.zip
Size

273KB
MD5

9d9f617e4284d286c747d4aef0435a66
SHA1

2fdf9e9ee78607cb27ef3194f5f1229be9e91eff
SHA256

c546952472c463d75a99efd34a2657159b2e458ccb8f0c22ba287a86fa4144a5
SHA512

89861b9beba161e3dff1b5443e648455dfd2e8ce10424c5287528aabb745b4888b58e079fb26166034c107a01fd1945e0c374e0c18e39f98ba7c0cb9a6ec66e2
SSDEEP

6144:B6cFwtPRbL3zBDN7g3KHfSiHkfZs39OaeUY5a3gpgyDYZpfxW8KcMqBvBqO8Byb1:aBRbL3VBE3UHkRs39OaJ9QfDYZfpKcVj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f68cc9e29f1ecfff3aa27db553bb3cfb144db3a13b34e691cfc8cd0844c23d32.exe

Files

6yit4er609y65498yh0th9806j9ytr0hnoirghytroi.zip
.zip

Password: infected
f68cc9e29f1ecfff3aa27db553bb3cfb144db3a13b34e691cfc8cd0844c23d32.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 780KB - Virtual size: 780KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ