a874caae3ad0d781d456590a4bcc5a5bd02a0efd3d4aa6756b34dbb7ad4588dd[.]zip[.]zip

General

Target

a874caae3ad0d781d456590a4bcc5a5bd02a0efd3d4aa6756b34dbb7ad4588dd.zip.zip
Size

5.8MB
MD5

b6b2dcda6e8a45b74075cf793e9fb3fa
SHA1

a9b8c253dd5655ef0c52b0bf8919427194ea3512
SHA256

9a8dc7cc819c6662b26948270a25759ac47ed863642118269ea73ac0340e6a08
SHA512

f8e88b39f8aa3835b2b945a13d598fc6f4cdb891d30f7e210bcc32768f270ae1802cd7b77ce481630edcf106295b4f36cc27fae4eb00c87a7b0bad866596e125
SSDEEP

98304:z9HC3lXuFqiOi7UuCbDZV5xFI2WRDeG8AfzVJe4l/XnbjnBS0KlkIZJcKax+QzNN:zG+MiOi7UFmSG8A7XdX35KlkIZJcK5aN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/BlueArc_E-Learning_Mod1_8_1.exe

Files

a874caae3ad0d781d456590a4bcc5a5bd02a0efd3d4aa6756b34dbb7ad4588dd.zip.zip
.zip

Password: infected
a874caae3ad0d781d456590a4bcc5a5bd02a0efd3d4aa6756b34dbb7ad4588dd.zip
.zip
BlueArc_E-Learning_Mod1_8_1.exe
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 210KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 750KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 295KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Password: infected

Headers

File Characteristics

Sections

CODE Size: 210KB - Virtual size: 524KB

DATA Size: 3KB - Virtual size: 12KB

BSS Size: - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 12KB

.tls Size: - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.reloc Size: - Virtual size: 40KB

.rsrc Size: 750KB - Virtual size: 1.7MB

.aspack Size: 295KB - Virtual size: 296KB

.adata Size: - Virtual size: 4KB

CODE
Size: 210KB - Virtual size: 524KB

DATA
Size: 3KB - Virtual size: 12KB

BSS
Size: - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 12KB

.tls
Size: - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.reloc
Size: - Virtual size: 40KB

.rsrc
Size: 750KB - Virtual size: 1.7MB

.aspack
Size: 295KB - Virtual size: 296KB

.adata
Size: - Virtual size: 4KB