17244419392[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17244419392.zip
Size

3.6MB
MD5

c7286b436d54684204c64310fefc620e
SHA1

19f1b4987bf684fa3b2b7a7bc2e831307603c45f
SHA256

4e6477a058d3941b6ed51ec72b45cfe509912ea27e86ade421964573d23157ce
SHA512

4b5ad92945444d3312363f1331838198c0a6a48f19a224351ee74d4cd612cfebbb22a29a1fe9fa68e68a501d9ce42aa71d8c8e1ab7b8f0638d3bcc1cbf5dd419
SSDEEP

98304:tk4tgPaRuNni53EtcxdIzDRPW5I8oLO58jgGRgF:tz5bdIzs5FqjgA2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/e5483257cce7319ff2934ec4e200e9c7f3cda8e52419d92350c089ffc1915a87

Files

17244419392.zip
.zip

Password: infected
e5483257cce7319ff2934ec4e200e9c7f3cda8e52419d92350c089ffc1915a87
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

L0PW
Size: - Virtual size: 8.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

v9DI
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE