b9bf5a38d81b41568fe83ba3e11488cb[.]zip | Triage

Sharing

General

Target

b9bf5a38d81b41568fe83ba3e11488cb.zip
Size

1.0MB
MD5

6d586ed3e0dfe3395ef79f4f0347fde7
SHA1

e9f0b0d58314248f2bd01f125dffe5ce92ffa6dc
SHA256

ba89b0d54601e6a66c6561d641d42f74d2d5d5eaac4af1aae3b761bc97f55a2c
SHA512

0ed86deed75c87522518cdc0e3451a4b932ad7ab4150e8cc80be0ff370da36c0b3a5f56905c3646f0d080dab692eda7462b5a0045c4be6eeed6f7ec3cb86ed9e
SSDEEP

24576:udodZHZp9VggOuRyPzclnvSR7Mw/fRkEYYqY+t:0azfg1uErcJvA7MwfRkpp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/7fa6848e5a9898daa7c1b81c70444d3829f0b767109fd30972d9f4c085cdb558

Files

b9bf5a38d81b41568fe83ba3e11488cb.zip
.zip

Password: infected
7fa6848e5a9898daa7c1b81c70444d3829f0b767109fd30972d9f4c085cdb558
.exe windows:5 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 324KB - Virtual size: 488KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 748KB - Virtual size: 772KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

petite
Size: 676B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ