2e16bfedb6a494f4cc12adfc067741184829928daee0ecabdc84e1d8452c0e8e[.]zip | Triage

Sharing

General

Target

2e16bfedb6a494f4cc12adfc067741184829928daee0ecabdc84e1d8452c0e8e.zip
Size

26KB
MD5

420b831841d54316297e421159299636
SHA1

da38b5b4ff5b68b5b31209e1c43a833dfa230856
SHA256

2e16bfedb6a494f4cc12adfc067741184829928daee0ecabdc84e1d8452c0e8e
SHA512

c56bdfac186cd0c2d55b183c31c6a955c843f2450b9a8f48b271610a3269aeac0a4e9a8c5d4c82cb0bbf70916d79149293af1897dd4af3e2f9c1f5d10ea6e4b9
SSDEEP

768:PTGiVlYv8RSiHTfsuDuso8MHMt+wVupKqh6nZzYd:bjI8RSiH7suDuq9PVuUqhsq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Bill.txt .exe

Files

2e16bfedb6a494f4cc12adfc067741184829928daee0ecabdc84e1d8452c0e8e.zip
.zip
Bill.txt .exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 17KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aspack
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE