725C75CDB5304B0DC078D4DFF2D258C1[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

725C75CDB5304B0DC078D4DFF2D258C1.zip
Size

92KB
MD5

1d8ba62f32ceb9c9e61984423adc918e
SHA1

121c7727f5adee9dddfed6511d4a2f84d9a19425
SHA256

dc62d53728c36ff66ae49f8f48c2604d92ee1d69852d11533c00bac81fdd3ef3
SHA512

aa9ab536e1cbdf2e26e2f99207de4b8d2ffd4b86d8d565fb0c38a545b30341304894bca7d6cb958457fcf9722c0185540d7c60382af59fc0e4b6999f3e0aa19e
SSDEEP

1536:lfa8EI0JYaAmXDO5TejBzXgWy5/DEaLWq4s4Kh6K7x/8NPGo7dp8caFXK4YRhrj0:H1MRAmXyfWOEOWXK9kNGup8PlLY/rjJC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/weifenluo.winformsui.docking.dll/weifenluo.winformsui.docking.dll

Files

725C75CDB5304B0DC078D4DFF2D258C1.zip
.zip

Password: infected
details.json
weifenluo.winformsui.docking.dll/weifenluo.winformsui.docking.dll
.dll windows:4 windows x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 399KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ