18492349718[.]zip | Triage

Sharing

General

Target

18492349718.zip
Size

32KB
MD5

47797492599d62645c6daaae7d637b98
SHA1

c9040219a3fd9dfa504ae2678e7c9d9ac62ed9c8
SHA256

10d796ed68e1488641ee8c0d9e59632e8391986ca07349f6a7e42094daa0993a
SHA512

e47ad5822b7c5fa26a2de601dbd656b0de46c630ccbb4bf18d4001020712dca4e5cd33b3f3b392e3e0d8752d615287ea0a7ef5d4d3be071422f07266b6ab0d33
SSDEEP

768:c28DY2G/AcUq/KeHxOJt+g8JcVG5xbTRpNDWb6b:h882VLs4GLjF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/802c928140a01ed991db3badfb3cb558f08ba4bde8963b5d3d6b98806c99d8cb

Files

18492349718.zip
.zip

Password: infected
802c928140a01ed991db3badfb3cb558f08ba4bde8963b5d3d6b98806c99d8cb
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ