589166_h9yxU4[.]zip | Triage

Sharing

General

Target

589166_h9yxU4.zip
Size

21.5MB
MD5

66f5817fb058c1f6e2b45afd7503dfbd
SHA1

2131be89c64d6453687b6b23294b58057b3d79a9
SHA256

0e61423ce0dd19b1902ffcbfa2f5362d2b309f357b703a67bbf5720311369042
SHA512

246eea6a849f5c71c39f141d9ec8eedf71bd90c747969b6afe8a3b151f5c880c8d4c55b3d9ee6f2f9e2fa1d9e9ae05026bd66923de956c04f1d5b7be9f4adb7e
SSDEEP

393216:DEcv9sEy0fYZ9yGfcMwFKYMPBd/yXUkdxMkQelfk:DLvyEgZ9ybMDpwUCNk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/589166_h9yxU4.exe

Files

589166_h9yxU4.zip
.zip
589166_h9yxU4.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.iom2f8
Size: 14.0MB - Virtual size: 14.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dxc
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.2b2ixq
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 445B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
589166_h9yxU4.ini