Archive[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Archive.zip
Size

5KB
MD5

fe34e7db0fcfc6a3cf4579b4c91bb4db
SHA1

7692c2b881d0df239486e41708bd027073b35237
SHA256

164f0eb4d9e492cbfcf63da7726b603248d2d2ab5b914a264f6d182f59037f4b
SHA512

e9df2ec4cfb006b3eb40cf29f07e721ba2c95f9d13e803c8989e3eb153b5e621be4042e6b57b391907b3776ed65d9d2c4f96f689bad63ea0b8d0b56bcb114e4f
SSDEEP

96:OVnZY3TRQLDHXPN5Pj/F8RlkFo0Mg1GEzcVqdfocsdbirm6j+V6I5Kg3MYQsDXu:OVnS6LLVhjN8nkBcEFsWmnVr5h3MYQsa

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Lab01-01.dll
unpack001/Lab01-01.exe

Files

Archive.zip
.zip
Lab01-01.dll
.dll windows:4 windows x86 arch:x86

850a8b8b585d7874d0431e8e45d74606

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
CreateProcessA
CreateMutexA
OpenMutexA
CloseHandle

ws2_32

socket
WSAStartup
inet_addr
connect
send
shutdown
recv
closesocket
WSACleanup
htons

msvcrt

_adjust_fdiv
malloc
_initterm
free
strncmp

Sections

.text
Size: 4KB - Virtual size: 926B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Lab01-01.exe
.exe windows:4 windows x86 arch:x86

2b5f75aa75c57ed7c68f7be490d63605

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
UnmapViewOfFile
IsBadReadPtr
MapViewOfFile
CreateFileMappingA
CreateFileA
FindClose
FindNextFileA
FindFirstFileA
CopyFileA

msvcrt

malloc
exit
_exit
_XcptFilter
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_stricmp

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
__MACOSX/._Lab01-01.dll
__MACOSX/._Lab01-01.exe

Sharing

General

Malware Config

Signatures

Files

850a8b8b585d7874d0431e8e45d74606

Headers

File Characteristics

Imports

kernel32

ws2_32

msvcrt

Sections

.text Size: 4KB - Virtual size: 926B

.rdata Size: 144KB - Virtual size: 143KB

.data Size: 4KB - Virtual size: 108B

.reloc Size: 4KB - Virtual size: 516B

2b5f75aa75c57ed7c68f7be490d63605

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 4KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 690B

.data Size: 4KB - Virtual size: 252B

.text
Size: 4KB - Virtual size: 926B

.rdata
Size: 144KB - Virtual size: 143KB

.data
Size: 4KB - Virtual size: 108B

.reloc
Size: 4KB - Virtual size: 516B

.text
Size: 4KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 690B

.data
Size: 4KB - Virtual size: 252B