ed34584fdabe8e2a54e5e4858c1ea7b5[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed34584fdabe8e2a54e5e4858c1ea7b5.zip
Size

28KB
MD5

fd33699845b35dbfd10c70a02a31fdf7
SHA1

cbb3f9313dcb1beb43cf53c7b3559d0f50bb73f4
SHA256

1b4c9030bcd53fc74deac20af158ce7ea657a43572e5f92df55fb5f818cba31a
SHA512

82c2e2b61dbde5df3f04b003e37a06c1938ad67ebbd41caebc88f42b1cc7f1511f314e6a0fb8a4130d5eaca472fffb665258a7b70e19aa633774d41d73d40053
SSDEEP

768:NClJd+F2Tr7Dc/FQkbly8zW3714lFC411fGpBlrGyyBZ0NlV47:NC3TI/po8zUil5UWBaW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f390a11c8c293164b86c6656f76ca9c34933124f232f804620c54b51abfbeecf

Files

ed34584fdabe8e2a54e5e4858c1ea7b5.zip
.zip

Password: infected
f390a11c8c293164b86c6656f76ca9c34933124f232f804620c54b51abfbeecf
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ