17190239140[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17190239140.zip
Size

43KB
MD5

9baa4672542c628264ca04c7f9afa011
SHA1

505178250949548f3aa7ab7e2a4fdeb8305cfaac
SHA256

b216e73f9372e4c1dbd2b1bbb435c9e7ab90151c2d6e38c31443d76337d37c68
SHA512

0945edb350532f71371847d5f08b701c27cea174808be00a3d8cd0b3b059954de54b3666ec57db1022a5c6e99a0dd5171552abcdab8f14c60c476a1cd712552b
SSDEEP

768:naabMoaYyC0JGNNFCh2T/0aTtWxZSRMpv0unm1F+CEaTptUqtjARMTdM:FMjC0wjIhA/BbRhF+ClTptU2jARMTK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/6aed6a4362985a3452acf3608bde5919f8c49890af34d86324241f4e8f24aa25

Files

17190239140.zip
.zip

Password: infected
6aed6a4362985a3452acf3608bde5919f8c49890af34d86324241f4e8f24aa25
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Users\Luis\Documents\Visual Studio 2010\Projects\Alerter3ClientCS\Alerter3ClientCS\obj\x86\Debug\a3c.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ