Quarantined Messages (1)[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Quarantined Messages (1).zip
Size

9.4MB
MD5

90758e37b6ac41c10c99bd96ae64ce68
SHA1

c8d1d38852a097599d83ecfe5134a89b56d94851
SHA256

f6cedcebb00f2fb94163560e9f1c0bbd1beb1d5453ec0d01bb6712670eb6aad7
SHA512

e96a9fd8371968192784b6bdf1fb6e2606726bb5393769550125f0bccf1cdd459964d84bf0bcb923c743912542d043eac60fd1fc186308e8bbbed395dbd05f9e
SSDEEP

196608:CWNg2Yy9Q8XtxI1F/B2U4hOvqT7icV/Rbp38W6LReAsh99MWXcvzW:CWPb9Q0jEEmcV/1p38W6Lc99XcbW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/fp2006-final-3.00-setup.exe

Files

Quarantined Messages (1).zip
.zip

Password: infected
fp2006-final-3.00-setup.zip
.zip

Password: infected
fp2006-final-3.00-setup.exe
.exe windows:1 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ