14006816547[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14006816547.zip
Size

448KB
MD5

0bab6c3019e359cb6cccb81b56479951
SHA1

1e4ed1aeadb8daf4f3ea77775b626c6d7c12fe30
SHA256

a4f6ef0b4351ea33b0fb6d4a2fa386ae4d95d69d5f9413fd63e7b6bd3656fd90
SHA512

3a19386d144014858f60e7f5c961b4f30bf925e91348a092be69d69686c706fef44b8eb5ec97a84ef864c712de47c945f5acdf69d222cc8158af7cd53d8d3e35
SSDEEP

6144:/G1NeJ1P6730M+fD9kfPznM+u6pExg5OtbC9IchUoeIbwAyAwkeyL/UddmOKfOMN:7i732+HrM+NpEOUuI7owAEk/cddphikO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/8f44201b56398e30425dab3f99cda8c490e3b4ded5f8d545de18f779f1feb6e9

Files

14006816547.zip
.zip

Password: infected
8f44201b56398e30425dab3f99cda8c490e3b4ded5f8d545de18f779f1feb6e9
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 765KB - Virtual size: 764KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ