ceaa571a403d540dd0e890535d68a900[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ceaa571a403d540dd0e890535d68a900.zip
Size

28KB
MD5

41878fc63c3817f0b11c52561d5a69ce
SHA1

b2c13ec1c54f826a72cc1d4421ecf1018562ab19
SHA256

cc41d61fbc57635928cafb1ef5394e71d9b56c7e98c06eb5ee0e5ff8d1367a3a
SHA512

d529fe49187dec0236e5962b7599599c9f765c0d82a761061b89e3efcc24d36b8519e90940227aa8b3f6364e1b307e65d242456859aa43b914739f5a1dd95955
SSDEEP

384:ySmMchtAMGY8ZOBScSgn1qVi5HKc5OGLjhSMJcUaKJsmBWwg24bSKn+DkpuXImYH:JjchBqdcSywCHKcEULrBSHK4bSK2yFP9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/ff5812629ee297dfc26ca80904096a7d5a2f2f315cdd6e2bd2c546111b18643f

Files

ceaa571a403d540dd0e890535d68a900.zip
.zip

Password: infected
ff5812629ee297dfc26ca80904096a7d5a2f2f315cdd6e2bd2c546111b18643f
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 7KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ