e79b2cc72d532397f9a20b1290a359ba[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e79b2cc72d532397f9a20b1290a359ba.zip
Size

114KB
MD5

b2753ad04eea0efe3e9f139c142eb6ed
SHA1

a34be560cf19729a668fb10d50b9a02ee884bee0
SHA256

9d07aeb13eda07782a4b463b8805524e9be54f0fd5751f409a3c3cb8b4fac46b
SHA512

777771082077e4b8606d1e5f1e430188423698be201b54f5c1187cb09cb7da87e6fd06e7c5c000769dec963dc7afdaa3f0d70d40ca5e184e626bd097de363b32
SSDEEP

3072:5j+xZqGFM7iUD7Wpaeqp+dUkiV9CrjOEUJXa:UbgN8dBGdVgUJXa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/d136cdcf8f0c00bf28660d2ecc194c303b5317ab71ed6c14f8a7e996d02ac84e

Files

e79b2cc72d532397f9a20b1290a359ba.zip
.zip

Password: infected
d136cdcf8f0c00bf28660d2ecc194c303b5317ab71ed6c14f8a7e996d02ac84e
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.petite
Size: 35KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE