6PLSrQhg[.]zip | Triage

Sharing

General

Target

6PLSrQhg.zip
Size

1.0MB
MD5

4d450e3c7f151177f31f0833cb33ed6a
SHA1

6f1986b030edb8998a8b33d98758958fbd3d5ca4
SHA256

28eb407d1780251076d03c2e0ad05a43571f3d1e9bb23950fc80e42dfb67c21d
SHA512

dde45fe7617df8f6b7452ff633f05763640dfe736a97662a6974a86d8f3b68e3797d1a8c920adfba90d7a453890c10f824815eda1c942b2ee25a80311536bf39
SSDEEP

24576:gmiabTPv9x9xutIaOoPpIilT9XTU83QD3CPmw+YTLngVVoEji:g5afH/+tIatI89j7QC9+ogVVZ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/cDA34i7Jn.exe

Files

6PLSrQhg.zip
.zip
cDA34i7Jn.dat
.zip
cDA34i7Jn.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 916KB - Virtual size: 912KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
edge.jpg
.jpg
edge.xml