RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO[.]zip | Triage

Resubmissions

17/04/2024, 22:34

240417-2hjx8she3t 7

17/04/2024, 22:32

240417-2fx23sgc65 7

17/04/2024, 22:27

240417-2degyshc8x 7

Sharing

Copy URL Twitter E-mail

General

Target

RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO.zip
Size

15.3MB
MD5

59a4506453344c640715cfb6085dcae9
SHA1

0f4c42ebac8f0234608b32b5061eb7a7f9ab0424
SHA256

1cdd96efe98efa78f3c1647567364a5d87ab3078ab7b6fecd933e2aa56c28071
SHA512

861491b9324f42cd515a200563534145438c7496ea4660093bda8ee784b7b74c9290248ed096f04b2011844be2be8eb2fa2061624ec418abba2fbcfebc90855f
SSDEEP

393216:DQkVUKkvueZb7Ci07yFx/JzQO3nTBvjHGibK1:DQDzb9z07ExxB3TMp1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO/DG_MSActivator.exe

Files

RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO.zip
.zip
RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO/DG_MSActivator.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

DG_MSActivator.pdb

Sections

.text
Size: 15.5MB - Virtual size: 15.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO/terw.txt