43e2c392a6007e927c91c8e7fbfaaa3d[.]zip | Triage

Sharing

General

Target

43e2c392a6007e927c91c8e7fbfaaa3d.zip
Size

3.5MB
MD5

320f21ebe41bfece144f597c9f6f98c5
SHA1

c3306ea45720906b55051c72481aa646491e35f1
SHA256

727edb60edbed3d46c58d709c719b839f4a76a04e592e760e35798a4ba1abcd0
SHA512

027ed1c3db3247928d5087c59900a092d88e98a598cf3d7378bcbff2f2416e9716c90c0fbb9b0dd522a5a6013ca19d5b2ac5d2c74d4f09478aae5b875897787e
SSDEEP

98304:LDYJ0UsFLxS0SBzb1eb/26vNWYjcvWOUwBDakzx:s0U2Ldb26v0YAMYak1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/86313325205b7195c2c3219a59eb0b87c52a7d5fd0552f8219cf9aa13d8e0775

Files

43e2c392a6007e927c91c8e7fbfaaa3d.zip
.zip

Password: infected
86313325205b7195c2c3219a59eb0b87c52a7d5fd0552f8219cf9aa13d8e0775
.exe windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 2KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ