6d65bd7e706dfe4ea44b259fb8da56bc[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6d65bd7e706dfe4ea44b259fb8da56bc.zip
Size

560KB
MD5

6d65bd7e706dfe4ea44b259fb8da56bc
SHA1

50a851bec4b629553e5b9e9b154eab98d8750b44
SHA256

605a83736c9b9cfeb39fa1c43a2c66db6d2be063e683ba60ec1a082e8a70eee3
SHA512

c033584fd8a9b1edc61ea5639747af547da18926041e6bd7fad72c89499f642ea8bebb654cac196492480c0b85816e5b1d964796b88da5b77ae4368db441e460
SSDEEP

12288:IEbZWj/LqxrLh+AmTva5CrHSASIgtjYy7nY+ZtRmXrHyf8:Iv/LqFgA4y58HLSIgtjYy7YItsbSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/PAYMENT COPY.exe

Files

6d65bd7e706dfe4ea44b259fb8da56bc.zip
.zip

Password: infected
6d7dbb8d75863e896af97d660c12f67b61a53b35ae164a4d707012facb624519.ace
.ace
PAYMENT COPY.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 615KB - Virtual size: 615KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ