1204_6a54792ab8392b41d735e4caa5337e8cc6b7751f20b7e3e5b645d51538d8151a[.]zip

General

Target

1204_6a54792ab8392b41d735e4caa5337e8cc6b7751f20b7e3e5b645d51538d8151a.zip
Size

572KB
MD5

dac888a58cfe06d974950c7b4ace9c59
SHA1

b384bf9bef2773dd910527c3fca2a668adcd1a80
SHA256

c7735f431f1f6eca097fe51171c2b317f6ebfe2c233bc16f7e772b5cf48589ae
SHA512

1b080d9613e09f6924056caa0ccfccbcf45752988b131deb2b94bee56985345c10a1bf3022a729f57f893e5418eae1865e24ddf04b47ea8fb94a4cc9ca82ec4b
SSDEEP

12288:4kDei8T0HCX8fuuBsR3VfKnwObSqvwH3T1ctNt88ZXVq4fsyeC:4kDeiD/BsR3VTMSMwAqAXVw/C

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/transfer_20231124.exe

1204_6a54792ab8392b41d735e4caa5337e8cc6b7751f20b7e3e5b645d51538d8151a.zip
.zip

Password: infected
6a54792ab8392b41d735e4caa5337e8cc6b7751f20b7e3e5b645d51538d8151a
.zip

Password: infected
transfer_20231124.exe
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 620KB - Virtual size: 620KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ