A01000927_2024-08-02_16_25_39[.]566[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

A01000927_2024-08-02_16_25_39.566.zip
Size

12KB
MD5

82a8ddbbb499fe54cc56f654c7c087de
SHA1

d42ab2f40a99c7a8f3ab73a22da96f37f9d3a773
SHA256

403fe142d82220e2b9b76e39dd512a369ef0f0baa0729ac44c4c29a2ebdf7d2b
SHA512

d85ab1629a7d94f76121a73c7f1485bc7255f912b09610c606e3f464557a4d83e730cec1ba1fc93019dfe14f38724e7c9b8dd521a4f03caa0eb7e9aa45c4db99
SSDEEP

384:NTHTeGKziHXapkCEyjQv8LMwqoVLlTG0h41x:NYziHXEoULMwtVLw0+1x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Device/HarddiskVolume3/windows/Temp/THX/Devcon.exe

Files

A01000927_2024-08-02_16_25_39.566.zip
.zip

Password: n2TDTH1UcA943Aou1e2N
Device/HarddiskVolume3/windows/Temp/THX/Devcon.exe
.exe windows:4 windows x86 arch:x86

Password: n2TDTH1UcA943Aou1e2N

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json