2 Samples[.]zip

General

Target

2 Samples.zip
Size

3.6MB
MD5

9c5cd96d916ae1ec42dcd78231e9df7c
SHA1

5fe9f23ee2aa1c93ffff3f640e0cc16a47f69e23
SHA256

84d5cf75beded8c5185bf8a35ccb12f0d3173db08880e591dc1ba664d2aff9fc
SHA512

1997748876a2b2963f4f724fde7259fd861733c3e95dc103d1ff4baae87c81de164b3fe1e42d9e07e0737d6c3f0a8c26c6789a7959e446b5cf7bb90cceac8fb4
SSDEEP

98304:tCK5GNEEE++XD690LJuNqWL93J6c6rj9B3rLzK:EjNBEJz/PWL9Z6tbrfK

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/02b57682b9f988b2e52e4b17bd11649f9f33443767cb9ee6d2f8e0c7d6d43594.exe
unpack001/24e7c8cea0b5787de8f92ae97a8f50c1de5da0e440abe84b9657d0c62d3e518a.exe

Files

2 Samples.zip
.zip
02b57682b9f988b2e52e4b17bd11649f9f33443767cb9ee6d2f8e0c7d6d43594.exe
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 182KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sxefvezt
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hejupalo
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
24e7c8cea0b5787de8f92ae97a8f50c1de5da0e440abe84b9657d0c62d3e518a.exe
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 182KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

trwxmyfz
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

atuqrxad
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

Size: 182KB - Virtual size: 408KB

.rsrc Size: 512B - Virtual size: 480B

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 2.6MB

sxefvezt Size: 1.6MB - Virtual size: 1.6MB

hejupalo Size: 1024B - Virtual size: 4KB

.taggant Size: 8KB - Virtual size: 12KB

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

Size: 182KB - Virtual size: 408KB

.rsrc Size: 512B - Virtual size: 480B

.idata Size: 512B - Virtual size: 4KB

Size: 512B - Virtual size: 2.7MB

trwxmyfz Size: 1.7MB - Virtual size: 1.7MB

atuqrxad Size: 1024B - Virtual size: 4KB

.taggant Size: 8KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 480B

.idata
Size: 512B - Virtual size: 4KB

sxefvezt
Size: 1.6MB - Virtual size: 1.6MB

hejupalo
Size: 1024B - Virtual size: 4KB

.taggant
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 480B

.idata
Size: 512B - Virtual size: 4KB

trwxmyfz
Size: 1.7MB - Virtual size: 1.7MB

atuqrxad
Size: 1024B - Virtual size: 4KB

.taggant
Size: 8KB - Virtual size: 12KB