a59cffb4eac4facc42695968ea593198[.]zip | Triage

Sharing

General

Target

a59cffb4eac4facc42695968ea593198.zip
Size

2.8MB
MD5

666f3cac466b6024b2490cddf0397a32
SHA1

36eca8ce49acb608d05d52ecf6c736f364d7bffa
SHA256

1c2b45cef43291b8c94f399ae4f1a10dc1abca821fa3516867d686970bdbd696
SHA512

095957fe2d6c80a598860c7536018b4490663ed0df81a22d66f9802a413ce0f55c306aa44eaa407b65961012858801dfc2337d8dc83c1985b2215fc86612c2e7
SSDEEP

49152:rcRuT7gMzbYdpiriIsVUyrkf0eOobwSkw6XbIJRBx4y4yJCMmS33MMMOHqwOXTMj:dT7sirzsVUyrksub/r6KR7lGS3cyH0y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d330ccb2ebcef992c89714bff64102c30d612e08016853948afd4f7425051947

Files

a59cffb4eac4facc42695968ea593198.zip
.zip

Password: infected
d330ccb2ebcef992c89714bff64102c30d612e08016853948afd4f7425051947
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ