plasticityv1411-zmco[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

plasticityv1411-zmco.exe
Size

1.6MB
MD5

5ffcac5da534f8d03831c560145d682b
SHA1

eefb2b3a4c4d715054a288f3a1b4bf973c336dd3
SHA256

6908bc77835d9e3aca13c6a7bf138ad78fd91c2574425d8120cf1af7b687f374
SHA512

e52419a23cbaf982d47e3a2fbbc0105013c97d5431868951c69b906413e36257536b704ef58850f1b35f8c44e201920bcc8efad0e2aea67fe8d42bd731a1eeea
SSDEEP

49152:Vi2P30wcj09CS/0vkkbOwVeYojsL2cOU7m6MWA:X3rcQgS/0vpbO4LFOU76

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
plasticityv1411-zmco.exe

Files

plasticityv1411-zmco.exe
.exe windows:4 windows x86 arch:x86

Password: cgpersia-zmco

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 317KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE