593251_74ArMrqR[.]zip | Triage

Resubmissions

11/07/2024, 10:09

240711-l6xk8ssapp 8

11/07/2024, 10:04

240711-l346xathmf 8

Sharing

Copy URL Twitter E-mail

General

Target

593251_74ArMrqR.zip
Size

20.0MB
MD5

881c56a3abe63662f046ab8eeff5ae98
SHA1

dfd72b3d4d886ad50af6eef558fc84c6c3f7a948
SHA256

def470504469286fb83bf660d4ca816602543ec6a6d102c5bb2f150031134a2c
SHA512

764b3b850ce511b3c1f5a01d48392a1a5e3153c21974569094dad83995fb62ed9a29d9b2e40ffb4c3dad8c645c5f99db2f4eb85d3ef8b07acc346b812ea81796
SSDEEP

393216:4MAESoWHgd8X49Lps75cIpD29tkYAK20K8zofActlcLl6HRQ:4MA3oWH0xNi5meYJ0ISlc4xQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/593251_74ArMrqR.exe

Files

593251_74ArMrqR.zip
.zip
593251_74ArMrqR.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qps
Size: 11.6MB - Virtual size: 11.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ids
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5fs7
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 445B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
593251_74ArMrqR.ini