02449ec9c41d7c3f882d1fc16cba1c2c[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02449ec9c41d7c3f882d1fc16cba1c2c.zip
Size

58KB
MD5

94245db0cc38e8c72406c47e9dc396cc
SHA1

f9ce12736360a22d230201e88ebe38b3113854bf
SHA256

a1dce75258030f583e59442ead10a1aa7517e677c937d8d19f2a38b17e5b194f
SHA512

27c0818e54062e3fee996d82a61b82dfc0d620830a38e25b479a816e574dbc2c3681223cea62f5968a5038636b5d6d2595f1de5385a39792c9cd8bb4bde2fce0
SSDEEP

1536:gRZF3vdjGR4LPr80DgrlzlRkogfNZJK8DxTRS5I1:cfIR4v80is/f5KYlRl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/9b92147969e402052a6e43060a1fa7357ae419b75a6031c57b8487050eae58f0

Files

02449ec9c41d7c3f882d1fc16cba1c2c.zip
.zip

Password: infected
9b92147969e402052a6e43060a1fa7357ae419b75a6031c57b8487050eae58f0
.exe windows:5 windows x86 arch:x86

Password: infected

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

HSUDHUHW
Size: - Virtual size: 148KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HSUDHUHW
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE