AO_RDS01_2024-04-18_16_39_30[.]221[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AO_RDS01_2024-04-18_16_39_30.221.zip
Size

13KB
MD5

f827a1fd82ba3c0a6e29b52c846350c4
SHA1

0cbaa6e35f322eb6cb783b3c78f7c2ba98c727d4
SHA256

704784b07c98d684e9d8bc49631f333ae54cedd94f2fbbc7ce3506ddc0f6b221
SHA512

00e3fe2edfffbb06dc9142e85e4e4eecf5a79e3cdcbe3a8dfc5b5b644269ae89a2ca1e87e54ea79e87c11d743fc1354ac10612589054a57df8845f171cfad469
SSDEEP

192:NxUpx1FrhtrHuApM3jQA2gg8qEuUlAfdxxBW2F69w3oLGkk0ZL1r8fh78eq6mk+0:NxKDtrHuApTQJluVUmoaq98578eq655X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume4/Users/jjohnson/Music/AccountRestore.exe

Files

AO_RDS01_2024-04-18_16_39_30.221.zip
.zip

Password: Malware01!
Device/HarddiskVolume4/Users/jjohnson/Music/AccountRestore.exe
.exe windows:4 windows x86 arch:x86

Password: Malware01!

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\user.DESKTOP-3VUNKBC\Downloads\Account\CrackAccount\obj\Debug\test.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json