Nowy Archiwum WinRARa (ZIP)[.]zip | Triage

Sharing

General

Target

Nowy Archiwum WinRARa (ZIP).zip
Size

279KB
MD5

6a1f16392bee41e0f0fc3cf8a069c9b1
SHA1

cd56085123e88283e8e53b83ef87bf80919c36f3
SHA256

241b6778b05e6b49fe9a86753a2730e2e4912c91d0588cf36b36364b74fd4872
SHA512

9c0700ca1e3cb71fb4879838300ca6437fa4849bd3e8c13fb4dae6e79743dd7f6bbcaa29099123170b88422dd3dd9d55bfc1ca39a562d6c997b8de190de55b9b
SSDEEP

6144:yV/ION1p1il+PlPiCf2iChJP3GXiQOWDbhMBYmRDGfPLzpfX45y1Ug:yV//pCjiqfGSvWdKGnLlf45A7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

unpack001/Bootstrapper.exe

Files

Nowy Archiwum WinRARa (ZIP).zip
.zip
Bootstrapper.exe
.exe windows:4 windows x64 arch:x64

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 793KB - Virtual size: 793KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DISCORD
workspace/IY_FE.iy
workspace/KavoConfig.JSON
workspace/Speed Hub X V4.lua
workspace/ZapHub/ZapHubFolder.zaphub
workspace/flingv2.iy
.js
workspace/shaders.iy
.js
workspace/walkerps99.txt