REGISTRO-MALWARE[.]zip | Triage

Sharing

General

Target

REGISTRO-MALWARE.zip
Size

3KB
MD5

0f0b0e99176c1db2bceb913c5d8fa1a7
SHA1

1c089b68448211304495120a882662c3a4589bfe
SHA256

d05c61f727e7f7aa58d215a245c77db7c44d805c8c850cf23ee2f591fca95947
SHA512

1bb28f0cc77820ba3a7d0e633bb3496432b582139971393c9a54a865b36d2c72fa97f39d04a1d2b411ac649329969ced63c7a1208b8f185d74f55abe40caea1c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BSCO-REGISTER.exe

Files

REGISTRO-MALWARE.zip
.zip

Password: qm
BSCO-REGISTER.exe
.exe windows:4 windows x86 arch:x86

Password: qm

7561f617f3827674993d78a3c48f4610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord667
ord526
DllFunctionCall
__vbaExceptHandler
ord711
ord608
ord716
ProcCallEngine
ord576
ord100

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ