11122023_2315_Jrhrsrhdfrhse[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11122023_2315_Jrhrsrhdfrhse.zip
Size

1.0MB
MD5

3a2443d61b91a2ccf172ff04e4031757
SHA1

d1cf95440dfdeaa5a85325a243ff17169e1c1de5
SHA256

1be0d0bee02cd81ac0123cdbd4c512d7fe59793c5fc761f239e7b537c63418c1
SHA512

79c9c65d982a3a4c5dbae27e71cb112e6f703e91127e66c436f1eb98f5705a8400be43c7240215e08b55006d716d08d3572f16a928e86a54673b2bf57854bd64
SSDEEP

24576:5GXngPAxMA0uthByOvIot0UCAN7c7CKWXQY1ppqlAPVsCgO5YRP:xPAPthByOFtdgWAY1pprN5yP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Jrhrsrhdfrhse.OOOOOCCCCCXXXXX

Files

11122023_2315_Jrhrsrhdfrhse.zip
.zip

Password: infected
Jrhrsrhdfrhse.OOOOOCCCCCXXXXX
.dll windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 939KB - Virtual size: 938KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 648KB - Virtual size: 648KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
launcher.bat