8cf53b7c42ae437c799f06e9c5fd83b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8cf53b7c42ae437c799f06e9c5fd83b9
Size

14.3MB
MD5

8cf53b7c42ae437c799f06e9c5fd83b9
SHA1

81de07789cc7d8d03fa9d19f0edaa734aaa0b3e1
SHA256

642d0a9b1d1abc6a89865ae6605925f7d35a9f1aea3a084f0d561740cda57138
SHA512

6ea06d718e84e6e3abe4f0fc59905c81269b46e530dee7026020edf9d4d4a73740aab49ab8e2f9608c4419cd88081529417db68af083efd08a24f025cf36b301
SSDEEP

393216:llYElt8klyVRHylxu5utrtqc2g7gks7VxpHi:llYaak6SlxfGc1aPpC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/zuma.exe

Files

8cf53b7c42ae437c799f06e9c5fd83b9
.rar
zuma.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
下载说明.htm
.html .js polyglot