17869420989[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

17869420989.zip
Size

456KB
MD5

48e05e4f4326bcac1ff31c7e0772f488
SHA1

5d07bf319a177a1c8bfc3b83946d8c1c77a9a097
SHA256

c634239fbd09cf546259cfea5a3e9115ec5ce4e2447fc17afd39c4a48cf10f86
SHA512

4769965737d4fd95eaa96d522968b81c9868dc6050f328fb7ef7500be38be5be550a46b7f5db6a4c8d9651000ddfd1544484c0377f3c62351fc876555238f65b
SSDEEP

6144:jbHYvxonQDuVdS3BTAvCm041gqMajsfT0suLuFTn5lEn3FxZCyGv8UpSJOZe8WUO:PiDRqC/NvajwT0M5lE3Xwv8ROZePaA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/a850de0705c0f6095910aa1d5ed0e73a49581aa7427fcfaf2ff5144e93b047c1

Files

17869420989.zip
.zip

Password: infected
a850de0705c0f6095910aa1d5ed0e73a49581aa7427fcfaf2ff5144e93b047c1
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 472KB - Virtual size: 471KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ