Documents[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Documents.zip
Size

541KB
MD5

4bdc3c4e9eb0e4e9a16508af845a3e57
SHA1

9008145de01f73d91bac8e12b04034945682df86
SHA256

d4460adada9326e90bbbe95f5cfc50efdbc315fa177152a92dde48e50fa3887b
SHA512

ae938fdec7933754184720579f4ed563d91d0fb4b63909f66fb32947f7b06aad50463b26ada647b42c0c7cee8d9a8708926d80b754d905e3a96dc6aabbe3f7d8
SSDEEP

12288:r2v8t4IDJrF71hGR2WrROq1gm2LVLP4d3WgL7/RNTq3X0Xk7eK:ykt4k71oRNrUqihAdL9c3X0XmeK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Documents.exe

Files

Documents.zip
.zip
Documents.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 760KB - Virtual size: 760KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ