ca156366c023c64cb0a2074a57b8fa26[.]zip | Triage

Sharing

General

Target

ca156366c023c64cb0a2074a57b8fa26.zip
Size

159KB
MD5

774e058f0b6b8e9255cbc2dcb7aba454
SHA1

ff77655598d8c7263b48204308da4357ae2a8f36
SHA256

8b1df0d122c60401912e479f60afe89ff8e322da11966a79c8372be265f96599
SHA512

34a7f48c84fb124241f8173846c881fc7c6c0d8436d4e8156f609826490b1e34d2c201112c59f0379e9aad63afcbe4832a1cb7ea5466fcf56eb838f56eb5f05e
SSDEEP

3072:YEwtyWv1RhdaO0Md9IOhkR53UH0BReOblgEfzRJ27BZk8uJIN0ck6jvQDc0tdxlX:YESjv1Rh/0cv+5EH0BwOblpLX27zk8A9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/b2d8f64d585c4504658a80ef5d76d9cd42206c579d26a3e007bb74cc44b28ce9

Files

ca156366c023c64cb0a2074a57b8fa26.zip
.zip

Password: infected
b2d8f64d585c4504658a80ef5d76d9cd42206c579d26a3e007bb74cc44b28ce9
.exe windows:4 windows x86 arch:x86

Password: infected

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\jaber\documents\visual studio 2012\Projects\skee\skee\obj\Debug\skee.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ