139f804af6727f40136efc05b3810f07[.]zip | Triage

Sharing

General

Target

139f804af6727f40136efc05b3810f07.zip
Size

455KB
MD5

2ae8f998fd08ccc071d3161ba532281b
SHA1

1462a45cedfdf0653970a0d435427d7da072262f
SHA256

7093704bdad688cbdb775de4b07daf5e586a9a7c065537d870e4aa07c4fa2075
SHA512

c19792d812055d75318c3b92f6f1a2ed640820c9ea76f0064e28d684d566b5133c51b9bddcec2a87ffc637dcea3659a0b4b2af60bbb64aab01216a08e60eca2c
SSDEEP

12288:0nwfhbKQ1qLsVzlHs4FNNwjM3L7ZcD2WZdj:dhuQ0LPXjM3L7Zcjx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2d660b816d3e2c96db56d5d2e6743b8e649c63dda5e46327b5dbffdceab1d499

Files

139f804af6727f40136efc05b3810f07.zip
.zip

Password: infected
2d660b816d3e2c96db56d5d2e6743b8e649c63dda5e46327b5dbffdceab1d499
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 721KB - Virtual size: 721KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ