f826a7b7cb1024d917de323835784c32[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f826a7b7cb1024d917de323835784c32.zip
Size

152KB
MD5

7058b54f02966a313b3b38e3c95a89b9
SHA1

8ad4b16b8175e7137fe8dac7d8894d446a09b5af
SHA256

26ee4fe7f4a172a2848f1d96820ae492d4cabbf0b6247bc13a5cd9655f48aa64
SHA512

ba4cc79597735211f4d5f53f59902ad64690b38f3fdecf51c74e3fac3d0ea234ddd7aeb304b96abbe2485e2c4f6f64dfca40b3d0ca834efdddee7f71fcc2ca83
SSDEEP

3072:TEKUrJWXN/dg6zaLXFBzfXO25CUKBOKs6NIroiRRNgFD34vyHDktIhxtcQNri:T7wJWXN/d/aLXLLXF532s60RRiFkvXtJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/294f8f0ee72ee35dd027e4e1c20fd934009db24a7c5e7b7add8624dccf2f91fc

Files

f826a7b7cb1024d917de323835784c32.zip
.zip

Password: infected
294f8f0ee72ee35dd027e4e1c20fd934009db24a7c5e7b7add8624dccf2f91fc
.exe windows:4 windows x86 arch:x86

Password: infected

98c88d882f01a3f6ac1e5f7dfd761624

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

MessageBoxA

Sections

Size: - Virtual size: 116KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 24B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 52KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE