1f69810b8fe71e30a8738278adf09dd982f7de0ab9891d296ce7ea61b3fa4f69[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

1f69810b8fe71e30a8738278adf09dd982f7de0ab9891d296ce7ea61b3fa4f69.zip
Size

223KB
MD5

91cc14457fb7680e45510fe4cdcc05c1
SHA1

16b383a176b61d78a4338c6f510872c43dcec452
SHA256

3ca550ea7a57934d6a0eba1184364d2c87a0a7d886311be7a6afb813989caee8
SHA512

71245c73c5650a84849ba715cafe4ab099eeac8c58bb870d104700cd7c5140407ac4e88f828474ec5d1295ead9bfa13ba7028eec987101c5efe343c5ef12bd65
SSDEEP

3072:vSpadyBpMtKfDHwKBN6ItwPmdrak5WbC9wzUPl1gANFYAum/L9OYua1PErWgjqT5:qpadyjMtcNN+nkC4PvhLFbL8YQroUM

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/1f69810b8fe71e30a8738278adf09dd982f7de0ab9891d296ce7ea61b3fa4f69.exe
unpack001/AxInterop.ShockwaveFlashObjects.dll
unpack001/Interop.ShockwaveFlashObjects.dll

Files

1f69810b8fe71e30a8738278adf09dd982f7de0ab9891d296ce7ea61b3fa4f69.zip
.zip

Password: infected
1f69810b8fe71e30a8738278adf09dd982f7de0ab9891d296ce7ea61b3fa4f69.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 166B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AxInterop.ShockwaveFlashObjects.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Interop.ShockwaveFlashObjects.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscoree

_CorDllMain

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 251KB - Virtual size: 250KB

.sdata Size: 512B - Virtual size: 166B

.rsrc Size: 171KB - Virtual size: 171KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 15KB - Virtual size: 14KB

.rsrc Size: 1024B - Virtual size: 768B

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 19KB - Virtual size: 19KB

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 512B - Virtual size: 12B

.text
Size: 251KB - Virtual size: 250KB

.sdata
Size: 512B - Virtual size: 166B

.rsrc
Size: 171KB - Virtual size: 171KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 1024B - Virtual size: 768B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 19KB - Virtual size: 19KB

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 512B - Virtual size: 12B