3eb12879c10967111f1bae71c0d173c2[.]zip | Triage

Sharing

General

Target

3eb12879c10967111f1bae71c0d173c2.zip
Size

256KB
MD5

9fe0e0d54a6e44eb7961d11349a40b74
SHA1

b808bf8bd744e7d5070fb63846df2950908cfd73
SHA256

ca7ae6a6152d1c96aacd5aec548c3639c16716d4188594b751ae5722fa3a1610
SHA512

2f5ebf808787a79fee0bdf60d56082706395845a190db1cb7c6977d6c68a941aa7b2b6c9b789036bff3acf0dbc38a92144bca3421fcb876b9fc8ea3099890590
SSDEEP

6144:nIW6E6Xw+0w2lq1RVcjN+GxEj4FkXEFgj6J+i7gnX0u:nIW6E6X0wVcsILk0p1Mku

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f56246eeec5a332ef0110dfc0004fc663f8a95e19afc13e9f812bb333655e100

Files

3eb12879c10967111f1bae71c0d173c2.zip
.zip

Password: infected
f56246eeec5a332ef0110dfc0004fc663f8a95e19afc13e9f812bb333655e100
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 225KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ