828c26aae669055e[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

828c26aae669055e.zip
Size

12.5MB
MD5

a1490e4cc93b064cf6f481bb106afdc0
SHA1

87d06778576604e0b7996bf462a7313acda1b200
SHA256

bcd155a90116b89df179fee19652a64c5a5f6f13219d0e5f1d3b90e470c5ff3f
SHA512

06bffaf2435e1a5493a24eaa28e26e8b0063fe4a8718295d98353d0faf1a083a97a20c29be6b40cbf32bef05fd1157d84fb280bfb5d41416e22f797b03e4a047
SSDEEP

393216:WtVnbOj8+Ss6oZZ6OCvcl3kEK/cMg0dtdhfTOfK:WvSooHxCvcl0EmcWXFTOfK

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Client.com
unpack001/Library.png

Files

828c26aae669055e.zip
.zip
Client.com
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

�d��l�X
Size: 1KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Library.png
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

S5R2
Size: - Virtual size: 11.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

btZy
Size: 12.4MB - Virtual size: 12.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

4FrY
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RunAsAdministrator.bat