finger[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

finger.zip
Size

1008KB
MD5

cd464c7eb711922b2eb7202089dab9e0
SHA1

5c8a87470bd86868632fd7c003f63d35ab78b015
SHA256

dfce4535903ae80a4e40c7e850e15c411c832e1c19058bdc0fc53291fa23ec61
SHA512

499175999c3162754b93107b5afd5faa054aa1d5b8f1715fd913d8440109e4d5aef6cd1bd18747782b36181556cfdbdd07dfcafee8d722e004db51a79deda2e7
SSDEEP

24576:EXTXJnqE+bS/Ss0ONHODS56Y9qB0G7MzAWauvjSFUjHU751o8J5CGE:4T9+gHODSBgkzH9SF0H8oydE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume4/Users/alhoulii/Desktop/Kaba/CD BCOMM/b-comm 4.1.3/B-COMM Java/MorphoConv/CorrectFingerPrint.dll

Files

finger.zip
.zip

Password: Infected123!
Device/HarddiskVolume4/Users/alhoulii/Desktop/Kaba/CD BCOMM/b-comm 4.1.3/B-COMM Java/MorphoConv/CorrectFingerPrint.dll
.dll windows:4 windows x86 arch:x86

Password: Infected123!

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

CFV_check
CFV_correct
PKCOMPV2_check
PKCOMPV2_correct
PKMAT_check
PKMAT_correct

Sections

Size: 220KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qwrdsipy
Size: 800KB - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zjcygoix
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
manifest.json