conhoz[.]zip | Triage

Resubmissions

16/04/2024, 01:25

240416-btd81sdg97 8

16/04/2024, 01:23

240416-br1dgaff3z 3

16/04/2024, 01:14

240416-blt99sde43 3

16/04/2024, 01:01

240416-bdl9padb55 3

Sharing

Copy URL Twitter E-mail

General

Target

conhoz.zip
Size

46.6MB
MD5

e57a150394281925091b1d708bd4dd60
SHA1

b0110428369e463b96ec95e0bf52424e339aa3c7
SHA256

67eceab1b95363426cdc4e56f6fbc7c583de1cb250a186857f4f1627141c021b
SHA512

a922dbb7bae5a867e894938f21196bfb088dfa66d37c7d598fd1422bd6adaee13fddc54bfecf6c97ccb7e4ea3b81a3f343e6f7d7564bce1c4f033eca7ee4aaa2
SSDEEP

786432:Y18mZaORXsJtuW+18mZaORXsJtuee5F4iBEi/3irjgz:d0aAXsPuWD0aAXsPueF4Ei3ivgz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/conhoz.exe

Files

conhoz.zip
.zip
conhoz.exe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ