ez[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ez.zip
Size

43.3MB
MD5

aeacfe87a645445cd2e5d6b7fcd88ed3
SHA1

47944a4a25459b6e27ba72c47c6d992f8228934d
SHA256

d84e1572611d22c839f969a7ea8c7a9eb67d91da628c20f1358810a9f7377f58
SHA512

5bb2b15f44d44910388b2e7de10034c9456cacd43c64739c90bef1d7ee9633a9ec34eeec62a7854e6972c5116c691d5eb501d15ffd622dd47f67af7f843d06a7
SSDEEP

786432:FCJaD6fCB1NPf/5H7+KPnjNUKwmfRWhFzJP0TUOOFkYjCIqz0nLrtltbRz3I317u:gsWCBH35XnjmKwm8zJejZIqEbRIYgY/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ez.exe

Files

ez.zip
.zip
config.json
ez.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 42.4MB - Virtual size: 42.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
usernames.txt