c39fc5a8304cf4309110ff64b59d1c7c[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c39fc5a8304cf4309110ff64b59d1c7c.zip
Size

10KB
MD5

9aa4ceff7666d351d2bbcf5e3ed8b9bc
SHA1

5d83538127d7c58c3b5fad7745b3819015ed6194
SHA256

602db871a03edd9b16e358388afbf3c513b489dd3cc3ad41eacdc6b42ee5aa16
SHA512

5f58a06dea0e1559fd7f8b24a5f3855ece60dc92b460f0eaae8fd233f2ac3b7e584964cff30f8ed1e83cccd76ef13292913999055a0f934829a9e611c24e55ba
SSDEEP

192:OhRu3xzJKqrIvaFWoZUQDKDmOe8jrCeCwifY5972xi8pXmgfp7F9mnqqnFMf:oM3xzJKqXFN+NDmOtP159CQ6XmgfPMqZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/4817e8fd7ab9ee5e5c61df653805d1f3164a732e3267c505d1afcbaa69b0ff39

Files

c39fc5a8304cf4309110ff64b59d1c7c.zip
.zip

Password: infected
4817e8fd7ab9ee5e5c61df653805d1f3164a732e3267c505d1afcbaa69b0ff39
.exe windows:4 windows x86 arch:x86

Password: infected

31d4e32d25a8edd50bc4643514faefe0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndDialog

msvcrt

exit

Sections

.MPRESS1
Size: 6KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1024B - Virtual size: 897B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE