loader1_colTV1kSDCipMXx[.]zip | Triage

Sharing

General

Target

loader1_colTV1kSDCipMXx.zip
Size

10.6MB
MD5

ff4b1298f99dcf7ce011fb89046032b5
SHA1

60f0c176e85ffb5eb77346d087cce8b3b82f374a
SHA256

35892f6febaad110d71c94221916c83a54f0d96471653e5487a443eb7dd700dd
SHA512

34cfaae67fbf5178e1f6596aa11a6730a514a09ac293cb4176a4cdd25dc2ba413dafa7fc8f9333ad094678c643f483dae5fc03a834a9e1224800e78869dc504d
SSDEEP

196608:j056XF5wQqLXwb3xVQRT4lrcnCOCwy18B1EXO/wQ1O+esuNQyy:jLVKdw/QRWcnCzeB1EXb+Ht

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Aimware/Aimware cracked.exe

Files

loader1_colTV1kSDCipMXx.zip
.zip

Password: 1234
Aimware/Aimware cracked.exe
.exe windows:4 windows x86 arch:x86

Password: 1234

d221b1dc8c3a08622f6512e7876527c8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateDirectoryA
lstrcpyA
CreateFileA
GetFileAttributesA
lstrlenA
GetTempPathA
lstrcmpA
lstrcatA
ExitProcess
DeleteFileA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetFileSize
GetLastError
CreateMutexA
GetModuleFileNameA
VirtualAlloc
VirtualFree
GetStartupInfoA

user32

MessageBoxA
wsprintfA

msvcrt

_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gentee
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ