aa472a5c9e9d550f[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa472a5c9e9d550f.zip
Size

12.5MB
MD5

340aadc7a78d4547dc290b8a8a4f87e5
SHA1

8ff53a4ed3c6acb81adf93c72f4d5f5dd7b8ea45
SHA256

36fb9c1b130ed43dc6026037d53f5e4f2ad14080eda0bf8f86573ed467fdcc8a
SHA512

c69e6e50396f6712e4eb4145f4631e824e01319b09abbd77b68dd8c825b5b4f2a0881e322fdba569d9198b4363b8dc2a8397989a1dbd8ca8ae8079e4a354f351
SSDEEP

196608:fCK6bnDCqXMx9CXCiuFGKa/j130WJoulXkGxxtpIWe0MS3/BWMDhiA1uNSaX0mqU:fCT3C9SR304oul0oDfP3ZWMd91uYW/qU

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Client.com
unpack001/Library.png

Files

aa472a5c9e9d550f.zip
.zip
Client.com
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

5N!q�q
Size: 1KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Library.png
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

TCPY
Size: - Virtual size: 11.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

x3eB
Size: 12.5MB - Virtual size: 12.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Axgx
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RunAsAdministrator.bat