Abyss[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Abyss.zip
Size

7.1MB
MD5

c34fe2d5d9122a13a9c90687f1d62fff
SHA1

98178448696fe0ff3e94eee5fc20d383f571c819
SHA256

dcf0733ddc0ba4dd6aaa0e7c3632b7a5a99775d0730f65449c2faef07734b0e5
SHA512

dbd57b89782fe383b782f2e49e093f60d717ddfdad49429952eeeffd46179cca126f21332f9c5f34b089353779f5bfacd6ee36514552922f9965e01d7374e707
SSDEEP

196608:Xrjbn75NaKJ2eJ3csctDKdJ8/8TxFlHu7ph7SNaB:RNayJs3iJhT5HuV40

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Abyss/Abyss-Loader.exe

Files

Abyss.zip
.zip

Password: 1
Abyss/Abyss-Loader.exe
.exe windows:4 windows x86 arch:x86

Password: 1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 694KB - Virtual size: 696KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

appscat
Size: - Virtual size: 10.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Abyss/README.txt
Abyss/UserLogin.json