ap-file-qchzqvak[.]pif--1602175559[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ap-file-qchzqvak.pif--1602175559.zip
Size

532KB
MD5

346bab3b722146e3521d020343ea97fd
SHA1

40087bb277013b525e61a08690dc2fa9f6ea4e52
SHA256

7af2eea011f9b5bf14e3046a7607c7b6de805b4f77858ac925fc9fc0bef4cacc
SHA512

57863ee5a0d5e437f508bc31b58381133614bf2b14c5ba9997249b5109a6040e3f4fbff10317dadce6054fe2b42b9f402f4a05a153d782ea957c9975fd54ee27
SSDEEP

12288:S3YS+3CFyWZjMCc6z+YzrHA6fYFoRq8gCL5WzdmVDQUAwmbEQ:t3MZZjMB63scAWqty5WRLUA/bF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/qchzqvak.pif

Files

ap-file-qchzqvak.pif--1602175559.zip
.zip

Password: cautionhandlewithcare
qchzqvak.pif
.exe windows:4 windows x86 arch:x86

Password: cautionhandlewithcare

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 358KB - Virtual size: 358KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 604KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
qchzqvak.pif.METADATA