Patch[.]zip | Triage

Sharing

General

Target

Patch.zip
Size

32.0MB
MD5

3ab1241c3c991c0b8937ef773a5d15e0
SHA1

37bccac9852dfb0bfd70992eca4544e632fa63a9
SHA256

3b3f4c44ff311ea18cfdc552819d757630a67c803b12c76976e2694f8c7e33dc
SHA512

dff2f6075aa038b5a33e0ba26295c52ec5352f7b52ffbc699fd98859d1782c905ba077a2453f10112e0a9bfbe9422b8670fdbb2f8ff79ee52d15824f834e6073
SSDEEP

786432:ED+ZNJaFkYfcV1UjIJRVELb7FCWltOtd2oxynL3:skOLfcuvLltOfTaL3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/wfilmorav13060-zmco.exe

Files

Patch.zip
.zip
pass.txt
wfilmorav13060-zmco.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31.7MB - Virtual size: 33.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 312KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE