d792d6093f3dbbd65e9219b105b02e08[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d792d6093f3dbbd65e9219b105b02e08.zip
Size

14.6MB
MD5

9856addd01cc402865c57e78f0fe51c9
SHA1

61d3e583c20eacadf2f607cfed7daaefb257b8ff
SHA256

9aa23afa3c8d0e666fb5168ac30f1c7e5aa51209a5bb4a78823838b8e6ff84e8
SHA512

4448cc6cd23b5582d7917fbcba2adc7c34b8bb29867bae951e7a9cd9b58ec58e09c5b73d11bded40f170b381e5a809b68b8cdc6480cec240f1e7a3925d7f65cb
SSDEEP

393216:bXsS/tkHsLKbnRP6OdmcamKS/CBS2ZMbhx95PONel5:bpLKsOkc0S/CBS3bhx95hl5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/57c37fece820cf0b9401544de682652e57895bf270db5a985bc92e3f19d4da93

Files

d792d6093f3dbbd65e9219b105b02e08.zip
.zip

Password: infected
57c37fece820cf0b9401544de682652e57895bf270db5a985bc92e3f19d4da93
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ