d3a76d8a0a9ecb665cf58de4bd7e4ece[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3a76d8a0a9ecb665cf58de4bd7e4ece.zip
Size

57KB
MD5

6291f481b0fccaf9418f82920555c70a
SHA1

3543f7a9d4e758b7a3a0fad044481cd381632c48
SHA256

d59f85a6ab04830e444bf11a7692419b2a2928f82b3483aa7226020445b744b0
SHA512

9970948043f95a53a0174c1080991422e0480048b4a3a9e8af19db7fa21056b1082e825e4e05d9a622eee6566e5dc0f4c67afcbdf841b002af29af3c553a4b22
SSDEEP

1536:RrlVmQqbL7DCY56rdTzhQWJCQRwYJNp7aOpmRfyL:RxUQM1atoOpJvtGfg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/213b7fa8df02766d7fac80b687bcdcb4d32e26584afb010107ca919b737c9c73

Files

d3a76d8a0a9ecb665cf58de4bd7e4ece.zip
.zip

Password: infected
213b7fa8df02766d7fac80b687bcdcb4d32e26584afb010107ca919b737c9c73
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ