14627696334[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14627696334.zip
Size

76KB
MD5

753ad83c89520ab0bba1167adc7832e4
SHA1

42d519dbe17b5456b272d86554da0f2404b5bb1e
SHA256

c359c9c0bfcb28f28bd6d72f437bdb1792d823b208c7138ef336f75e119f7bd0
SHA512

2bf50423902c4db3ef7c906894aaf289aee47c672936a426a10e4efd3fabf8e17f3a8a3a48f7d0f72eec52cbbb0245e3ae3cb0ac347757278ae5b796d014c743
SSDEEP

1536:f6yl7mTbDigLhG3cap8kp2bBz5zFqx2K3zsY16ocXTF9nCA:CMCPGgLU3eBlFqxtsY0XRJCA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/fa4b2019d7bf5560b88ae9ab3b3deb96162037c2ed8b9e17ea008b0c97611616

Files

14627696334.zip
.zip

Password: infected
fa4b2019d7bf5560b88ae9ab3b3deb96162037c2ed8b9e17ea008b0c97611616
.exe windows:6 windows x64 arch:x64

788df74dadedc73741b1c207c3f10392

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetTempPathW

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ