repeat_order7658[.]tar[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

repeat_order7658.tar.zip
Size

822KB
MD5

148f8cc27abfb312a096404f7f487316
SHA1

fe0fc5124afbfdfe54b87438f1636abef036c6b6
SHA256

8f21b79177ad55027fe6fc672c881f80e70fba2347de6ea22be2fe6a5d95ca4f
SHA512

11e58f1a657df56e015c7725ae5e615ffa6032f0f8721b0447428fe83375b7ce35fbc63bbb0fb7719ec3c857e8519bd78443eb1c4a3c0df6fe83683225a7c190
SSDEEP

12288:SnjBwlb4l1L5IKTKO4SunEdSx242dR1kZmMG8RhxcXn047VOADlbP8WAyC+H1I2a:atSb435ySY4JxUhe30aJDuvMzw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/x.exe

Files

repeat_order7658.tar.zip
.zip

Password: infected
repeat_order7658.tar
.tar

Password: infected
x.exe
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1013KB - Virtual size: 1013KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ