KasperskySecurity[.]zip | Triage

Sharing

General

Target

KasperskySecurity.zip
Size

4.2MB
MD5

32a580c05b4a6f26f12327f1fd4ce7ab
SHA1

bb6d3fb2242af853329fafe2005e134b82d3e752
SHA256

72a9b9315390d523045bd1a7578f2e60660e140e548b22185630b3f6f6449ce2
SHA512

e6cb6ab15f8f405916d911e88e7701b4b8a6790f561edcd47df9aae4ae31ba37f8249b943c3b2e6f449036081eb5b56811ce4440b8724553eb7cbedc544bf111
SSDEEP

98304:dVHmedcZlN92E1Rip7DuUPllxitQR6WxKWlT4xCSYHvY2R9L9b9kj:5cPzj1RQD1PlfWWHcoRF9b9kj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/KasperskySecurity/KasperskySecurity.exe

Files

KasperskySecurity.zip
.zip

Password: 1542
KasperskySecurity/KasperskySecurity.exe
.exe windows:6 windows x86 arch:x86

Password: 1542

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 30KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3.9MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XZ4ArpI
Size: 298KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE