b866dadf9c7abf2597c24cae6ac80048[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b866dadf9c7abf2597c24cae6ac80048.zip
Size

225KB
MD5

5e6c09d0dee2687c234d2ac3b1ee70d5
SHA1

0778362f4d066b45f98760aa6685ff71d35847c5
SHA256

cd4b6da6dca0bf0173aadbd4c51387f303227cfd75deaeabefc6f6b5eb9c1552
SHA512

d90bd845771ca880dcd9c27e27b5bde7b614f4f88ba8668395c74dde0d1aa419aaa371b6fb2aebc9d4774e8a46f95753b654bdfb174d29f576e3145fbbc55c85
SSDEEP

6144:e80jP9JDGZQDcf1X8VS/3MvmSEMTK21wkYzu:BgnFIfN2SPMvyMyu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/2824bf3059882e26e57ba5dda335ac0fecf5f0a005419168eec98fd27f6bdcff

Files

b866dadf9c7abf2597c24cae6ac80048.zip
.zip

Password: infected
2824bf3059882e26e57ba5dda335ac0fecf5f0a005419168eec98fd27f6bdcff
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.data
Size: 1024B - Virtual size: 996KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 260KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 3B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE