36dfcecfd3c280343595689fd7db4df9[.]zip | Triage

Sharing

General

Target

36dfcecfd3c280343595689fd7db4df9.zip
Size

513KB
MD5

c067c392633ab64d2d96f1858c6fa61d
SHA1

2f9f97d771a789fd2f249206b2997ec24ccfc9a5
SHA256

7ada7025e72a5d1cfb84995831e1ebd88e0fa9c12543cc7ff1666f60d14c00c5
SHA512

7544a4164482e092d20266d3858e0f51e3f899a36db98a44aae9d212c00ee146f25e2bbe44e4e524ec9f37fd2543be305d264b08bb53b921860a628eeb6dd589
SSDEEP

12288:TPJcILpVzhuHanXmB55VZWbKGy0ceOxfxMzMBuavc:TPfThu6nWJVZo3ytdfeoBI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/14b6d304358ee2e432f7012d26bf4abf74a1d5fc6f6295d53f400ca91c458042

Files

36dfcecfd3c280343595689fd7db4df9.zip
.zip

Password: infected
14b6d304358ee2e432f7012d26bf4abf74a1d5fc6f6295d53f400ca91c458042
.dll windows:4 windows x86 arch:x86

Password: infected

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

agamamouloveloveloveblowjobagamamoublow

Sections

CODE
Size: 872KB - Virtual size: 871KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 103B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ